ask.fm Open in urlscan Pro
193.138.77.142 Public Scan

URL:
https://ask.fm/zipperdragon8103
Submission: On May 25 via manual (May 25th 2021, 4:34:01 am UTC) from CA

Summary HTTP 324 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 81 IPs in 12 countries across 61 domains to perform 324 HTTP transactions. The main IP is 193.138.77.142, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 30th 2020. Valid for: a year.

This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	193.138.77.142 193.138.77.142	395754 (ASK-FM) (ASK-FM)
8	2600:9000:21f... 2600:9000:21f3:8800:11:3771:2e40:21	16509 (AMAZON-02) (AMAZON-02)
6 24	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2600:9000:20e... 2600:9000:20eb:d600:7:6e4f:6cc0:21	16509 (AMAZON-02) (AMAZON-02)
1	2.16.186.113 2.16.186.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
4 14	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	185.86.138.16 185.86.138.16	201081 (SMARTADSE...) (SMARTADSERVER)
3	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2 6	185.86.139.58 185.86.139.58	201081 (SMARTADSE...) (SMARTADSERVER)
2	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:da00:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21f... 2600:9000:21f3:4800:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
4	23.111.211.20 23.111.211.20	7979 (SERVERS-COM) (SERVERS-COM)
4	85.215.2.53 85.215.2.53	6724 (STRATO ST...) (STRATO STRATO AG)
1	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	23.111.115.172 23.111.115.172	7979 (SERVERS-COM) (SERVERS-COM)
18	23.111.115.244 23.111.115.244	7979 (SERVERS-COM) (SERVERS-COM)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	23.111.115.236 23.111.115.236	7979 (SERVERS-COM) (SERVERS-COM)
2	176.99.5.169 176.99.5.169	49352 (LOGOL-AS) (LOGOL-AS)
1 5	195.209.108.35 195.209.108.35	52007 (ADRIVER-AS) (ADRIVER-AS)
48	35.186.238.232 35.186.238.232	15169 (GOOGLE) (GOOGLE)
11	92.38.138.105 92.38.138.105	199524 (GCORE) (GCORE)
1 2	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	144.76.120.254 144.76.120.254	24940 (HETZNER-AS) (HETZNER-AS)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
3	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
2 11	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
13 15	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 4	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 4	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.57.110.162 52.57.110.162	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 2	35.170.231.210 35.170.231.210	14618 (AMAZON-AES) (AMAZON-AES)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1	168.119.149.178 168.119.149.178	24940 (HETZNER-AS) (HETZNER-AS)
2	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a04:4e42:200... 2a04:4e42:200::621	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5 12	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
2	52.58.124.95 52.58.124.95	16509 (AMAZON-02) (AMAZON-02)
1	92.223.103.37 92.223.103.37	199524 (GCORE) (GCORE)
2	92.223.103.250 92.223.103.250	199524 (GCORE) (GCORE)
1	92.38.138.123 92.38.138.123	199524 (GCORE) (GCORE)
2	168.119.138.39 168.119.138.39	24940 (HETZNER-AS) (HETZNER-AS)
2	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
2	92.223.106.16 92.223.106.16	199524 (GCORE) (GCORE)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	77.109.110.134 77.109.110.134	9031 (EDPNET) (EDPNET)
2	2a00:1148:db0... 2a00:1148:db00::28	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
12	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 9	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
2	213.155.156.183 213.155.156.183	1299 (TELIANET ...) (TELIANET Telia Carrier)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	185.29.135.190 185.29.135.190	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
6	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
2 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
324	81

5 193.138.77.142 (Latvia)

ASN395754 (ASK-FM, US)

ask.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:21f3:8800:11:3771:2e40:21 (United States)

ASN16509 (AMAZON-02, US)

d3r6ceqp4shltl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:d600:7:6e4f:6cc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2f6o1s2veeoj7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-113.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.33.220.241 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

askfm-usd-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
viralize-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.249.52.249 (Netherlands) 2 redirects

ASN50673 (SERVERIUS-AS, NL)

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.139.58 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:da00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:4800:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.211.20 (Russian Federation)

ASN7979 (SERVERS-COM, US)

viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pl.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.215.2.53 (Germany)

ASN6724 (STRATO STRATO AG, DE)

askfm.adspirit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.115.172 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cdn.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 23.111.115.244 (Russian Federation)

ASN7979 (SERVERS-COM, US)

logs.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.adspirit.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.115.236 (Russian Federation)

ASN7979 (SERVERS-COM, US)

rtb-msk-2.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.99.5.169 (Russian Federation)

ASN49352 (LOGOL-AS, RU)

vtg1.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 195.209.108.35 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)

ads.viralize.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 92.38.138.105 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)

moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.134 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 144.76.120.254 (Germany)

ASN24940 (HETZNER-AS, DE)

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.194 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.242.197 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.110.162 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-110-162.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.231.210 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-231-210.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.viralize.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:200::621 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.234.233 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.124.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.103.37 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)

playreplay.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.223.103.250 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)

thesame.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
playreplay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.38.138.123 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)

cs-0.moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.138.39 (Germany)

ASN24940 (HETZNER-AS, DE)

s.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.223.106.16 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)

moe.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.109.110.134 (Brussels, Belgium)

ASN9031 (EDPNET, BE)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1148:db00::28 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

r.mradx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

creatives.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

viralize-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.6.242 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.135.190 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.80.231 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns574734.ip-51-222-80.net

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	viralize.tv ads.viralize.tv static.viralize.tv	408 KB
30	pubmatic.com vpaid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image4.pubmatic.com image2.pubmatic.com simage2.pubmatic.com vid.pubmatic.com aktrack.pubmatic.com Failed	154 KB
28	viadata.store viadata.store cdn.viadata.store logs.viadata.store pl.viadata.store rtb-msk-2.viadata.store emea.viadata.store Failed	185 KB
21	yandex.com 4 redirects mc.yandex.com	5 KB
17	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	35 KB
15	stickyadstv.com 5 redirects ads.stickyadstv.com cdn.stickyadstv.com	258 KB
15	doubleclick.net 13 redirects cm.g.doubleclick.net	2 KB
14	adform.net 6 redirects adx.adform.net c1.adform.net	7 KB
12	moevideo.biz moevideo.biz cs-0.moevideo.biz	389 KB
12	casalemedia.com 2 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	10 KB
10	cloudfront.net d3r6ceqp4shltl.cloudfront.net d2f6o1s2veeoj7.cloudfront.net	844 KB
8	mail.ru ad.mail.ru	3 KB
8	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com dis.criteo.com	2 KB
8	smartadserver.com 2 redirects prg.smartadserver.com www8.smartadserver.com	6 KB
7	adriver.ru 1 redirects ad.adriver.ru content.adriver.ru	34 KB
7	openx.net 2 redirects askfm-usd-d.openx.net viralize-d.openx.net	2 KB
7	yandex.ru 2 redirects mc.yandex.ru an.yandex.ru	145 KB
6	stat-rock.com serving.stat-rock.com	96 KB
5	adspirit.de askfm.adspirit.de cdn.adspirit.de	39 KB
5	ask.fm ask.fm	24 KB
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	polyfill.io polyfill.io	958 B
4	googleapis.com ajax.googleapis.com imasdk.googleapis.com	296 KB
4	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
4	adsrvr.org 3 redirects match.adsrvr.org	2 KB
4	e-planning.net 2 redirects ads.us.e-planning.net	3 KB
3	yastatic.net yastatic.net	135 KB
3	richaudience.com sync.richaudience.com s.richaudience.com	1 KB
3	connectad.io i.connectad.io cdn.connectad.io sync-eu.connectad.io	1 KB
3	onetag-sys.com onetag-sys.com	1 KB
3	optad360.io cmp.optad360.io get.optad360.io	532 KB
3	jsdelivr.net cdn.jsdelivr.net	3 KB
3	sascdn.com ced.sascdn.com creatives.sascdn.com	12 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	onaudience.com 1 redirects pixel.onaudience.com	736 B
2	yahoo.com pr-bh.ybp.yahoo.com	677 B
2	simpli.fi um.simpli.fi	1 KB
2	de17a.com d5p.de17a.com	268 B
2	mradx.net r.mradx.net	78 KB
2	google-analytics.com www.google-analytics.com	38 KB
2	moe.video moe.video	14 KB
2	spotxchange.com search.spotxchange.com	2 KB
2	360yield.com ice.360yield.com	672 B
2	ravenjs.com cdn.ravenjs.com	19 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	criteo.net static.criteo.net	53 KB
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru	1 KB
2	rktch.com vtg1.rktch.com	834 B
2	facebook.net connect.facebook.net	66 KB
2	adtarget.com.tr ghb.console.adtarget.com.tr	2 KB
1	playreplay.net playreplay.net	332 B
1	thesame.tv thesame.tv	332 B
1	playreplay.me playreplay.me	332 B
1	quantserve.com 1 redirects pixel.quantserve.com	511 B
1	dotomi.com 1 redirects casale-match.dotomi.com	186 B
1	a-mo.net prebid.a-mo.net	359 B
1	facebook.com www.facebook.com	297 B
1	googletagmanager.com www.googletagmanager.com	32 KB
0	everesttech.net Failed sync-tm.everesttech.net Failed
324	61

	Domain	Requested by
48	ads.viralize.tv	ask.fm static.viralize.tv cdn.ravenjs.com
21	mc.yandex.com	4 redirects ask.fm mc.yandex.ru
18	logs.viadata.store
15	cm.g.doubleclick.net	13 redirects
14	ib.adnxs.com	4 redirects d2f6o1s2veeoj7.cloudfront.net get.optad360.io acdn.adnxs.com
12	ads.stickyadstv.com	5 redirects cdn.ravenjs.com cdn.stickyadstv.com
11	moevideo.biz	ask.fm moevideo.biz
9	c1.adform.net	6 redirects ads.pubmatic.com
8	ad.mail.ru	d2f6o1s2veeoj7.cloudfront.net moevideo.biz r.mradx.net
8	d3r6ceqp4shltl.cloudfront.net	ask.fm d3r6ceqp4shltl.cloudfront.net
6	simage2.pubmatic.com	ads.pubmatic.com
6	image2.pubmatic.com	ads.pubmatic.com
6	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
6	serving.stat-rock.com	get.optad360.io
6	www8.smartadserver.com	2 redirects ced.sascdn.com ask.fm
5	viralize-d.openx.net	2 redirects cdn.ravenjs.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com um2.eqads.com
5	adx.adform.net	get.optad360.io cdn.ravenjs.com
5	ad.adriver.ru	1 redirects ask.fm content.adriver.ru
5	ask.fm	d3r6ceqp4shltl.cloudfront.net serving.stat-rock.com
4	sync.mathtag.com	4 redirects
4	vpaid.pubmatic.com	cdn.ravenjs.com static.viralize.tv
4	polyfill.io	static.viralize.tv ask.fm
4	an.yandex.ru	ask.fm an.yandex.ru
4	static.viralize.tv	ask.fm static.viralize.tv
4	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
4	match.adsrvr.org	3 redirects ssum-sec.casalemedia.com ads.pubmatic.com
4	cdn.viadata.store	ask.fm cdn.viadata.store
4	askfm.adspirit.de	ask.fm
4	ads.us.e-planning.net	2 redirects ask.fm
3	cdn.stickyadstv.com	static.viralize.tv cdn.stickyadstv.com
3	yastatic.net	an.yandex.ru
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	onetag-sys.com	get.optad360.io
3	gum.criteo.com	1 redirects static.criteo.net
3	htlb.casalemedia.com	d2f6o1s2veeoj7.cloudfront.net get.optad360.io
3	cdn.jsdelivr.net	d2f6o1s2veeoj7.cloudfront.net get.optad360.io
3	mc.yandex.ru	2 redirects d3r6ceqp4shltl.cloudfront.net
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	1 redirects ads.pubmatic.com
2	aktrack.pubmatic.com
2	vid.pubmatic.com	vpaid.pubmatic.com
2	pr-bh.ybp.yahoo.com	ads.pubmatic.com
2	um.simpli.fi	ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	dis.criteo.com	ads.pubmatic.com
2	d5p.de17a.com	ads.pubmatic.com
2	image6.pubmatic.com	ads.pubmatic.com
2	secure.adnxs.com	cdn.ravenjs.com
2	creatives.sascdn.com
2	r.mradx.net	ad.mail.ru
2	content.adriver.ru	moevideo.biz
2	www.google-analytics.com	moevideo.biz
2	moe.video	moevideo.biz
2	search.spotxchange.com	cdn.ravenjs.com
2	s.richaudience.com	cdn.ravenjs.com
2	ice.360yield.com	cdn.ravenjs.com
2	imasdk.googleapis.com	static.viralize.tv
2	ajax.googleapis.com	static.viralize.tv
2	cdn.ravenjs.com	static.viralize.tv
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	js-sec.indexww.com	get.optad360.io ssum-sec.casalemedia.com
2	mug.criteo.com
2	static.criteo.net	d2f6o1s2veeoj7.cloudfront.net static.criteo.net
2	dmg.digitaltarget.ru	1 redirects
2	vtg1.rktch.com	ask.fm
2	rtb-msk-2.viadata.store	ask.fm
2	pl.viadata.store	ask.fm
2	viadata.store	d3r6ceqp4shltl.cloudfront.net ask.fm
2	get.optad360.io	d3r6ceqp4shltl.cloudfront.net get.optad360.io
2	connect.facebook.net	d3r6ceqp4shltl.cloudfront.net connect.facebook.net
2	ghb.console.adtarget.com.tr	d2f6o1s2veeoj7.cloudfront.net
2	prg.smartadserver.com	d2f6o1s2veeoj7.cloudfront.net
2	askfm-usd-d.openx.net	d2f6o1s2veeoj7.cloudfront.net
2	d2f6o1s2veeoj7.cloudfront.net	d3r6ceqp4shltl.cloudfront.net
1	playreplay.net	moevideo.biz
1	cs-0.moevideo.biz	moevideo.biz
1	thesame.tv	moevideo.biz
1	playreplay.me	moevideo.biz
1	sync.richaudience.com	ask.fm
1	pixel.quantserve.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	sync-eu.connectad.io	cdn.connectad.io
1	acdn.adnxs.com	get.optad360.io
1	cdn.connectad.io	get.optad360.io
1	prebid.a-mo.net	get.optad360.io
1	i.connectad.io	get.optad360.io
1	cdn.adspirit.de	askfm.adspirit.de
1	www.facebook.com
1	cmp.optad360.io	d3r6ceqp4shltl.cloudfront.net
1	www.googletagmanager.com	d3r6ceqp4shltl.cloudfront.net
1	bidder.criteo.com	d2f6o1s2veeoj7.cloudfront.net
1	ced.sascdn.com	d3r6ceqp4shltl.cloudfront.net
0	sync-tm.everesttech.net Failed
0	emea.viadata.store Failed	ask.fm
324	97

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
lap78.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com

Subject Issuer	Validity	Valid
*.ask.fm AlphaSSL CA - SHA256 - G2	`2020-07-30` - `2021-09-27`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
ghb.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2021-05-17` - `2021-08-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
*.viadata.store Sectigo RSA Domain Validation Secure Server CA	`2020-11-17` - `2021-11-27`	a year	crt.sh
*.adspirit.de Sectigo RSA Organization Validation Secure Server CA	`2019-03-12` - `2021-06-09`	2 years	crt.sh
vtg1.rktch.com R3	`2021-05-20` - `2021-08-18`	3 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.viralize.tv Sectigo RSA Domain Validation Secure Server CA	`2019-10-21` - `2021-11-18`	2 years	crt.sh
*.moevideo.biz AlphaSSL CA - SHA256 - G2	`2021-04-27` - `2022-05-29`	a year	crt.sh
dmg.digitaltarget.ru R3	`2021-03-24` - `2021-06-22`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
serving.stat-rock.com R3	`2021-04-18` - `2021-07-17`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
um3.eqads.com Amazon	`2020-07-24` - `2021-08-24`	a year	crt.sh
cdn.viralize.tv R3	`2021-03-24` - `2021-06-22`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-17` - `2022-03-16`	a year	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.yastatic.net Yandex CA	`2021-03-03` - `2021-09-01`	6 months	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.playreplay.me AlphaSSL CA - SHA256 - G2	`2021-02-11` - `2022-03-15`	a year	crt.sh
*.thesame.tv AlphaSSL CA - SHA256 - G2	`2020-07-02` - `2021-07-03`	a year	crt.sh
*.playreplay.net AlphaSSL CA - SHA256 - G2	`2020-10-01` - `2021-11-02`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.moe.video AlphaSSL CA - SHA256 - G2	`2021-01-15` - `2022-02-16`	a year	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.mradx.net GeoTrust RSA CA 2018	`2019-07-17` - `2021-08-15`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.onaudience.com Certyfikat SSL	`2020-05-28` - `2021-05-28`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://ask.fm/zipperdragon8103
Frame ID: B56F5D36ACCFF7BCEF92650CD100A562
Requests: 86 HTTP requests in this frame

Frame: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Frame ID: 822812DF698DF50F5327C1E99B04FCDD
Requests: 16 HTTP requests in this frame

Frame: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Frame ID: ECA0E25CE9F925FF36FB4F7588A2DD92
Requests: 11 HTTP requests in this frame

Frame: https://askfm.adspirit.de/adscript.php?pid=24
Frame ID: FE6CF220262E651A41106261E8C73D2D
Requests: 5 HTTP requests in this frame

Frame: https://cdn.viadata.store/js/player/210323.js
Frame ID: 4EE47BD5207815435D53D3B1C11C1739
Requests: 32 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ask.fm
Frame ID: 73A754B85ADEB9AB9471D2801E401A61
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 3CC73A577AF01AD41192AFE712831BAD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 392C25AD663FD9779A96D95685FBEF92
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1621917224181
Frame ID: F2B9CF6C7C409847BEABF5CE461A76B3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 13C6DB1390493C2392B565C3E2E0DDB9
Requests: 3 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: D1F09E40546B5AFF8F1EC161B90835D7
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 44969A40591775E003C750F4B9FDD41B
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 60332FF2F3777B93F7C8191EB8031349
Requests: 2 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Frame ID: 2EBB2B4C841F5589EB5452F9B1A63C0F
Requests: 2 HTTP requests in this frame

Frame: https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Frame ID: 2D9893B631BE2EA865C766C46EFC5066
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 2675791AD7BB56A6A56A22C6E4F8F9ED
Requests: 43 HTTP requests in this frame

Frame: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Frame ID: C0A0AD772D9E8252AF7D05BFEEA14DE6
Requests: 17 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 328E0E6F5D56E06AC90D4E9E77015A46
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 6A6A57231158AE3FB5BB19DD28AEDB80
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228
Frame ID: 0077FA0283B088C131F66DD362E05BED
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AFDEC3DD81F31F8B05DAB7C20E17A5D9
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D04B26AA-CECE-446F-9742-FB18C01113AA
Frame ID: A6B405502233A1AB16EE6D8FE68235DC
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: C74675543661F271A6CEE2B4BC8C1DCE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2DC1EADDD4F120A45C67E3E78AD6C2ED
Requests: 1 HTTP requests in this frame

Frame: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js
Frame ID: 2C1D05215554119A28E75F0BA63C58D3
Requests: 2 HTTP requests in this frame

Frame: https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Frame ID: 380E8243448A36871AB8A51240AE9664
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 8A3ED702A1C6C75E746AD73E4610905F
Requests: 39 HTTP requests in this frame

Frame: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Frame ID: BD8F9320A005156C337DD3E69E513F17
Requests: 10 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 6EB5F5E26E9A5B26CBE08D0F6C516BCC
Requests: 4 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 4151B038B523C135F3ED9EF3953374A4
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231
Frame ID: 4CF3F3DB762FA08DEF118B92EBA33F7D
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CCDB0CA4B1EE471BAB81FDC5B8415187
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=324B9BE1-F4D9-4B20-BD92-D681552EAC0B
Frame ID: 7946FE648FCD0300C4A5682E97083004
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: C70A7424FD4B979577D4A859C2258265
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7D6BA01EC429522C9B6F1067FEC9843C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

324
Requests

98 %
HTTPS

34 %
IPv6

61
Domains

97
Subdomains

81
IPs

12
Countries

3928 kB
Transfer

9627 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://about.ask.fm/cookie-policy/?lang=en
Title: Cookies

Search URL Search Domain Scan URL

URL: https://lap78.ask.fm/goto/50aiCfb4fe-ICCd0iH3t-5oooBXM8euF_wv5oOD01yvOOQsyH5EScB7Z4RdtJDhoEgnGId81_A==
Title: https://www.mindsumo.com/user/pilot-diary

Search URL Search Domain Scan URL

URL: https://about.ask.fm/?lang=en
Title: About ASKfm

Search URL Search Domain Scan URL

URL: https://about.ask.fm/terms/?lang=en
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://safety.ask.fm/?lang=en
Title: Safety center

Search URL Search Domain Scan URL

URL: https://about.ask.fm/privacy-policy/?lang=en
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://about.ask.fm/transparency-report/?lang=en
Title: Transparency report

Search URL Search Domain Scan URL

URL: https://support.ask.fm/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.facebook.com/askfmpage

Search URL Search Domain Scan URL

URL: https://instagram.com/askfm

Search URL Search Domain Scan URL

URL: https://twitter.com/askfm

Search URL Search Domain Scan URL

URL: https://vk.com/askfm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9283.yBUgiu_fcTnRdlL0_UFbdD_I4_OCgQQzWsjNEp4QmxYmMd4TlUUxYDOoMnAtJVrz.XHKI_6GL8Fmc2oQb_wYWV8XaXvU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9283.ACKgVxQK-eoMyXe8qOSICcS5JnlKwFwQ5A2oVtclzkxufNfCl95l1dmbMofxuiO2PhDa7lT1gszpZ2QdShuWvw%2C%2C.xsOuRDEr3M37LFbYjOpuSKhAZpk%2C

Request Chain 20

https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?rnd=0.5411502042078329&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fzipperdragon8103&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fzipperdragon8103&gdpr=0 HTTP 302
https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.5411502042078329&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fzipperdragon8103&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fzipperdragon8103&gdpr=0

Request Chain 33

https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?rnd=0.9163445112451596&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fzipperdragon8103&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fzipperdragon8103&gdpr=0 HTTP 302
https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.9163445112451596&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fzipperdragon8103&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fzipperdragon8103&gdpr=0

Request Chain 38

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A1%3Adp%3A0%3Als%3A1612746507229%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063340%3Aet%3A1621917221%3Ac%3A1%3Arn%3A256530699%3Au%3A1621917221598797747%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621917219823%3Ads%3A1%2C304%2C195%2C1%2C0%2C0%2C%2C83%2C91%2C%2C%2C%2C587%3Adsn%3A1%2C304%2C195%2C1%2C0%2C0%2C%2C85%2C90%2C%2C%2C%2C587%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917221%3At%3Amangumphulynch%20(%40zipperdragon8103)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm HTTP 302
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A1%3Adp%3A0%3Als%3A1612746507229%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063340%3Aet%3A1621917221%3Ac%3A1%3Arn%3A256530699%3Au%3A1621917221598797747%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621917219823%3Ads%3A1%2C304%2C195%2C1%2C0%2C0%2C%2C83%2C91%2C%2C%2C%2C587%3Adsn%3A1%2C304%2C195%2C1%2C0%2C0%2C%2C85%2C90%2C%2C%2C%2C587%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917221%3At%3Amangumphulynch%20%28%40zipperdragon8103%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Request Chain 75

https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=8c22ee2a-ecfb-45a0-ab3c-7d17f787347b&i=1621917221 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=8c22ee2a-ecfb-45a0-ab3c-7d17f787347b&i=1621917221

Request Chain 92

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=uq1hUXxNeTY2RUhhTDVqaFVLcFp2NnhLeHBRTy9oS0IrYzVZZlhtMEZBdkJzSGRCbUMrODdaN3p0WGdMRVBqa2haMnpXR0d5Y0wzeEcrYlRQRVhLelc2b3JjL1R0aUtqR3Y4NEovZW1aOVpXRWNuaWhUa0VVaW15VE5GV3c2Z09PK3ZZMXlvK2JaL2tjbkdNb2xRNWZJd09PWi9QcXRGOTBvbjE0QmVlV1Z0TzF4QnU0ZkNxYlMyaVdoMWk4bGIyVmtYNXI2TmVwajJ6ai8vaGNydHBYSWpFZnlDZGFQYVd5dnVObVZsaWxybnArblI4V2EvaDEzUGJmTldxVytqbWdPdHpZfA&cppv=2

Request Chain 117

https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 118

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YKx.KxrqeTZIH70N0lsBBgAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YKx.KxrqeTZIH70N0lsBBgAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPAXO6U_TOW_fW8JwnT5sVk&google_cver=1&google_hm=2

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YKx-KxrqeTZIH70N0lsBBgAABGIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YKx-KxrqeTZIH70N0lsBBgAABGIAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKvPIUqswTc_nGq2Y2-N0Ps&google_cver=1

Request Chain 122

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKx-KxrqeTZIH70N0lsBBgAABGIAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKx-KxrqeTZIH70N0lsBBgAABGIAAAAB&dcc=t

Request Chain 123

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622003627&gdpr=1

Request Chain 124

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=kSeNkTxF1LLoLh5&gdpr=1

Request Chain 125

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Q2yIXUI521xYPd0JTWvECkU_21pYbNsGFm4Jbqrc

Request Chain 127

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 164

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9283.Vjf8WY1kGEPCkrgXpEPXubJ2sTjqIxDm_8kRhZBRMt_woDzXoVm-9T1HjYZKe93H.kLvN78r1bBea5hpisSPOAqcOHic%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9283.AzaAoT3if6zm3emvO6r31Y4yW3JYM7OyxR_iFIO3PWjzjzV1QgZncfFB453XLOqqbYfPXAi2-0M1FKvJ9gG3NvUKyfkdvRSUXfHZN6DgCQo%2C.SHlVLtL2UcRSNqUZDsjKxMCn1zY%2C

Request Chain 172

https://mc.yandex.com/watch/652294?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A2%3Adp%3A1%3Als%3A1200796992745%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063349%3Aet%3A1621917229%3Ac%3A1%3Arn%3A435457874%3Au%3A1621917229326682956%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621917219823%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917230%3At%3Amangumphulynch%20(%40zipperdragon8103)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm HTTP 302
https://mc.yandex.com/watch/652294/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A2%3Adp%3A1%3Als%3A1200796992745%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063349%3Aet%3A1621917229%3Ac%3A1%3Arn%3A435457874%3Au%3A1621917229326682956%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621917219823%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917230%3At%3Amangumphulynch%20%28%40zipperdragon8103%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Request Chain 181

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=feb37fea3efb27c35e45db961af7d253&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2757_6966081455374830795 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZmViMzdmZWEzZWZiMjdjMzVlNDVkYjk2MWFmN2QyNTM=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPmca3iTzyTBB4Va2F3T1Ak&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=b4bb0006-302e-4560-878d-81e532d74be8 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8729579150955094641 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/feb37fea3efb27c35e45db961af7d253&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-NJSyWC5E2oPBa8hdIyXI8wzl3LdPr77rVHsfAlcD~A HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=5dbd60ac-7e2e-4500-8042-fd7a26c618b2&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=kSeNkTxF1LLoLh5&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAD4XU7BWPwAACx7lWJFxA&gdpr=0 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&_test=YKx_LgABSMB1QgA4

Request Chain 185

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmViMzdmZWEzZWZiMjdjMzVlNDVkYjk2MWFmN2QyNTM=&gdpr=0&gdpr_consent=

Request Chain 186

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=feb37fea3efb27c35e45db961af7d253&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 191

https://www8.smartadserver.com/ac?siteid=115779&pgid=1238065&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917228&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
https://www8.smartadserver.com/ac?siteid=115779&pgid=1238065&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917228&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&cklb=1

Request Chain 201

https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=0;303=unavail;304=0;305=2c9b7ca5ee3973863919;306=;307=;308=0;309=0 HTTP 302
https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=0;303=unavail;304=0;305=2c9b7ca5ee3973863919;306=;307=;308=0;309=0&tuid=-6362066255

Request Chain 202

https://viralize-d.openx.net/v/1.0/av?auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 206

https://viralize-d.openx.net/v/1.0/av?auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,

Request Chain 207

https://viralize-d.openx.net/v/1.0/av?auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,

Request Chain 221

https://c1.adform.net/serving/cookie/match?party=14&cid=D04B26AA-CECE-446F-9742-FB18C01113AA HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D04B26AA-CECE-446F-9742-FB18C01113AA

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0Esmqs7ORG-XQvsYwBETqg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 225

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dbd60ac-7e2e-4500-8042-fd7a26c618b2

Request Chain 226

https://pixel.onaudience.com/?partner=214&mapped=D04B26AA-CECE-446F-9742-FB18C01113AA HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDA0QjI2QUEtQ0VDRS00NDZGLTk3NDItRkIxOEMwMTExM0FB&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN9TJy4kEwV6UnFdTzj6iDY&google_cver=1

Request Chain 230

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5dbd60ac-7e2e-4500-8042-fd7a26c618b2&gdpr=0&gdpr_consent=

Request Chain 231

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2233530701112908820

Request Chain 232

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b4bb0006-302e-4560-878d-81e532d74be8

Request Chain 233

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8729579150955094641&gdpr=0&gdpr_consent=

Request Chain 281

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null

Request Chain 287

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=feb37fea3efb27c35e45db961af7d253&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 288

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmViMzdmZWEzZWZiMjdjMzVlNDVkYjk2MWFmN2QyNTM=&gdpr=0&gdpr_consent=

Request Chain 289

https://www8.smartadserver.com/ac?siteid=115779&pgid=1343569&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917231&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0,1!viralize.com,4704,1,,, HTTP 302
https://www8.smartadserver.com/ac?siteid=115779&pgid=1343569&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917231&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&cklb=1

Request Chain 317

https://c1.adform.net/serving/cookie/match?party=14&cid=324B9BE1-F4D9-4B20-BD92-D681552EAC0B HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=324B9BE1-F4D9-4B20-BD92-D681552EAC0B

Request Chain 320

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mkub4fTZSyC9ktaBVS6sCw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mkub4fTZSyC9ktaBVS6sCw%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 321

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=675660ac-7e30-4800-b317-079148502665

Request Chain 322

https://pixel.onaudience.com/?partner=214&mapped=324B9BE1-F4D9-4B20-BD92-D681552EAC0B HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5d0a239f21a77b2d120f00835e92c9af

Request Chain 323

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzI0QjlCRTEtRjREOS00QjIwLUJEOTItRDY4MTU1MkVBQzBC&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzI0QjlCRTEtRjREOS00QjIwLUJEOTItRDY4MTU1MkVBQzBC&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 324

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAWKF7ieKwmQz45j17MmnK0&google_cver=1

Request Chain 326

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:985060ac-7e30-4400-8126-0c353cadadcc&gdpr=0&gdpr_consent=

Request Chain 327

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=542602002293952765

Request Chain 328

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fb0b7b2-9768-4cf5-9eee-3a55c2683594

Request Chain 329

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7722511024432319832&gdpr=0&gdpr_consent=

324 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set zipperdragon8103 Show response
ask.fm/ 16 KB
6 KB 501ms
195ms Document
text/html 193.138.77.142
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/zipperdragon8103

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.142 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

91da8490ecdf435c9366a76e79458778c942770460b5ce102fe5bb82f1b96a7a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: ask.fm
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
ETag: W/"fa70722aa04ad2a66a680086841e4a79"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Tue, 25 May 2021 04:33:40 GMT
Set-Cookie: locale=en; path=/; expires=Wed, 25 May 2022 10:33:40 -0000 uuid=d82b8aae-4965-4f96-98bc-16687116dbce; path=/; expires=Wed, 25 May 2022 10:33:40 -0000; secure; HttpOnly country=FR; path=/; expires=Wed, 25 May 2022 10:33:40 -0000 traffic_source=organic; path=/; expires=Thu, 27 May 2021 04:33:40 -0000 _m_ask_fm_session=eW81d25yYzJVT2NWQkRkOURlb1dwa01YNzBUK21RQmdueXlEYU9pY3k1cG94SlFwRmtTbWZMQ1cydHVyNEpwclhjd0FkRjhIYXdzZC9NYittZC9iZUFrby84UWNJSlhNV2c1Zkt5eUpmcGpqT1FVbHdJMzZzRkExcTV2dkRrUFhNVkszMTE4L1dlMmtpRjk5b1hESlRRV3dSWlNudm04RGFMK0dKT2pBc1ZoQkVCK0h0NVNta0dzZ1libnkxQkhkTWV5YVFDK0hzWkI0YkUyeHJ2amlLdFpOSjlRTExmZ29VWTEyVWNNdUJ2cVRTRlc1UWYrSUhNLzR2ZzJTZGhNWC0tblRweWZCemNjSW1oUHA5S05jOTdMdz09--42cfe8e832910a9a53e63be7ee954cd4e245e871; path=/; expires=Fri, 28 May 2021 04:33:40 -0000; secure; HttpOnly
Server: Ask.FM Web Service
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000

GET
H2 200 application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
d3r6ceqp4shltl.cloudfront.net/assets/ 186 KB
40 KB 43ms
7ms Stylesheet
text/css 2600:9000:21f3:8800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

13be9605e71b444b62fa3d78780ea07b8d585696cb3afa8196adb89d17ee26fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 07:03:24 GMT
content-encoding: gzip
age: 2237416
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 40564
access-control-allow-origin: https://ask.fm
last-modified: Thu, 29 Apr 2021 05:41:49 GMT
server: Ask.FM Web Service
etag: "608a471d-9e74"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: text/css
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 6I1qLPet-ELLe27FdBObpwoJYMiSMOkYnMgJoIHIbZ724b7whfUhYw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js Show response
d3r6ceqp4shltl.cloudfront.net/assets/ 218 KB
68 KB 43ms
8ms Script
application/javascript 2600:9000:21f3:8800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 07:03:23 GMT
content-encoding: gzip
age: 2237417
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 69351
access-control-allow-origin: https://ask.fm
last-modified: Thu, 29 Apr 2021 05:41:49 GMT
server: Ask.FM Web Service
etag: "608a471d-10ee7"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: VfPdpksvIn-emAhAmnss2kEzXXBBXAWFINYlPVEf2K4P4Myp4DlGdA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png
d3r6ceqp4shltl.cloudfront.net/assets/ 24 KB
24 KB 8ms
7ms Image
image/png 2600:9000:21f3:8800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:48 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
age: 7665532
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 24239
last-modified: Wed, 27 Sep 2017 12:11:28 GMT
server: Ask.FM Web Service
etag: "59cb9570-5eaf"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: MIU-0o14oHpSc-V6JBVKTPraZAgm8jUnSLm26s1jXDE-fbpDF6k4bg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 house_banner_support_center-85ea197689891192f6f5ea6ceb68ad0ac922bde59f45262a122d44cbe00fd78f.png
d3r6ceqp4shltl.cloudfront.net/assets/ 26 KB
26 KB 7ms
6ms Image
image/png 2600:9000:21f3:8800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/house_banner_support_center-85ea197689891192f6f5ea6ceb68ad0ac922bde59f45262a122d44cbe00fd78f.png

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

85ea197689891192f6f5ea6ceb68ad0ac922bde59f45262a122d44cbe00fd78f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:42 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
age: 7665538
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 26285
last-modified: Wed, 25 Oct 2017 13:07:33 GMT
server: Ask.FM Web Service
etag: "59f08c95-66ad"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: LH3SNL6xy0vQcxMgA2Gdqm_3wFXlZNWEo0hR2-zBLHDuImgPWI0iiw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 216 KB
68 KB 49ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

28004652367fd33d35145be63351633bc125d7ab4f49a527e625187091db6b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:40 GMT
content-encoding: br
last-modified: Mon, 24 May 2021 17:15:41 GMT
etag: "60ab69bd-110fd"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69885
expires: Tue, 25 May 2021 05:33:40 GMT

GET
H2 200 noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png
d3r6ceqp4shltl.cloudfront.net/assets/ 956 B
1 KB 8ms
7ms Image
image/png 2600:9000:21f3:8800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:15:13 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
age: 7665507
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 956
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-3bc"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: -8J27tNkDAaQpnKy519ADyhmZsPbg-Fd0bQHPDbu4acEnSYb_xeaQg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 17 KB
18 KB 25ms
8ms Font
application/font-woff2 2600:9000:21f3:8800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 07:03:25 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 2237415
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 17880
last-modified: Thu, 29 Apr 2021 05:41:49 GMT
server: Ask.FM Web Service
etag: "608a471d-45d8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 4YCdowPCC5iCnGjniIJDLLJKHahnuAZ6iOeyK_roDPGHodDtjSUB_Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 25 KB
25 KB 26ms
9ms Font
application/font-woff2 2600:9000:21f3:8800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:43 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 7665537
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 25400
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-6338"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 8GdwLuxd6yWrHo7Z5ZMhSuhsFpFO_0KaFtBIaj8dny9vBEUY2f7aVw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 51 KB
52 KB 25ms
8ms Font
application/font-woff2 2600:9000:21f3:8800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-5e741ad5d513642f03d801fd3b9b6f1e0b160a8caa532481a4b3726d2c31b638.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 07:55:47 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 3271073
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 52204
last-modified: Wed, 02 Aug 2017 08:00:22 GMT
server: Ask.FM Web Service
etag: "59818696-cbec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: VHT43G04mcR71pEHqiHRf7dD2VNX7gwvNpSoPomFUIXLziDF69wWmA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Cookie set 304 Show response
ask.fm/ads/ 5 KB
3 KB 118ms
117ms XHR
text/html 193.138.77.142
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/ads/304?login=zipperdragon8103

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.142 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

f978f9df482aa6d4b9539ed187c72c7eeed009a2c9263e2ff81a555b0a663d54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: locale=en; uuid=d82b8aae-4965-4f96-98bc-16687116dbce; country=FR; traffic_source=organic; _m_ask_fm_session=eW81d25yYzJVT2NWQkRkOURlb1dwa01YNzBUK21RQmdueXlEYU9pY3k1cG94SlFwRmtTbWZMQ1cydHVyNEpwclhjd0FkRjhIYXdzZC9NYittZC9iZUFrby84UWNJSlhNV2c1Zkt5eUpmcGpqT1FVbHdJMzZzRkExcTV2dkRrUFhNVkszMTE4L1dlMmtpRjk5b1hESlRRV3dSWlNudm04RGFMK0dKT2pBc1ZoQkVCK0h0NVNta0dzZ1libnkxQkhkTWV5YVFDK0hzWkI0YkUyeHJ2amlLdFpOSjlRTExmZ29VWTEyVWNNdUJ2cVRTRlc1UWYrSUhNLzR2ZzJTZGhNWC0tblRweWZCemNjSW1oUHA5S05jOTdMdz09--42cfe8e832910a9a53e63be7ee954cd4e245e871
Connection: keep-alive
Referer: https://ask.fm/zipperdragon8103
Accept: */*
Referer: https://ask.fm/zipperdragon8103
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"c1da49f7c78d7cd2b6ac03c87965aa32"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Wed, 25 May 2022 10:33:40 -0000 _m_ask_fm_session=dktTWTdaNEhDYWJEQmFZUS9odkVBSFR1UW9FbFFXdkkxd0JKdWxOdFhNelBGRkgyajJhb0JPcS9kbmF1YXVYeTdQZUJkcWlBaDNMMERPa3Z0b3FXMnAzWmZ5QkFsaG5rb3QyQWVSb1djQkI0eDJBV2QrMXZ0d2lmOVNweFpCS0xPT2dQT2Zlc1lkNDJ1TVF4T2IxOGRia0pSWnFpU1Y5dUFhMWpUYUVmenRzMzI0WDhDQjhkWjhscHRnSktydnpSTm51clRDL0pjZVZoT1Aza1JYK1hxYnF6L3B4ZEZldmlISlk4VEdFUUk0Um9Sb0xUUVFqNUQ2NTRtcTZZYjhtYS0tdGd3ajhBV2NNNjRONm82eGpqaGxzdz09--447e80faf2ef8c3a0e4a7f950b0e2ffcde973262; path=/; expires=Fri, 28 May 2021 04:33:40 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set 404 Show response
ask.fm/ads/ 5 KB
3 KB 239ms
120ms XHR
text/html 193.138.77.142
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/ads/404?login=zipperdragon8103

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.142 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

42f60763bfa21d0c1d5fb1ddfb7befe4cc5056c2935c1a046fbf8e476848dd9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: locale=en; uuid=d82b8aae-4965-4f96-98bc-16687116dbce; country=FR; traffic_source=organic; _m_ask_fm_session=eW81d25yYzJVT2NWQkRkOURlb1dwa01YNzBUK21RQmdueXlEYU9pY3k1cG94SlFwRmtTbWZMQ1cydHVyNEpwclhjd0FkRjhIYXdzZC9NYittZC9iZUFrby84UWNJSlhNV2c1Zkt5eUpmcGpqT1FVbHdJMzZzRkExcTV2dkRrUFhNVkszMTE4L1dlMmtpRjk5b1hESlRRV3dSWlNudm04RGFMK0dKT2pBc1ZoQkVCK0h0NVNta0dzZ1libnkxQkhkTWV5YVFDK0hzWkI0YkUyeHJ2amlLdFpOSjlRTExmZ29VWTEyVWNNdUJ2cVRTRlc1UWYrSUhNLzR2ZzJTZGhNWC0tblRweWZCemNjSW1oUHA5S05jOTdMdz09--42cfe8e832910a9a53e63be7ee954cd4e245e871
Connection: keep-alive
Referer: https://ask.fm/zipperdragon8103
Accept: */*
Referer: https://ask.fm/zipperdragon8103
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"ec19f7d60e9a06a514b64e56157e129e"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Wed, 25 May 2022 10:33:40 -0000 _m_ask_fm_session=U3F0TnN4WHZFZlY2WXZmRHFHTVdPRmgvQjN6V0ZBbVFBWXpDbVVmV0s0OC9FdlBDTk1OampiQjRnSlk0ZjhGMGQvR1p6L29STkhhbDZLRTN1TWM3SEVXTUpqeXZhb21ERUFobmh2bkU5cXZnakRGejdhUVBrTy9hSjEwVnRMK3RMcFZBbjlmSms4b0xGZk96c1pSVnYrZDRhQ2g3VWRhNGtnMmovYkFySzJBQzNYQVpPWGpNQnMreU5aM3ZsOVdKeG45UWtRdE02TllZc3ZFVnlWdVUwTHhqVGVsM3NVQ2lQbkswaTdoNjBic1VBdDRhNGRFMEpsMjJUSXpVbkhmbS0tZWdUcUIwN2xncWhqVmVlY2RadHNNUT09--046de8fceb2f1ad8b5b6382e9636610c27bc7cfc; path=/; expires=Fri, 28 May 2021 04:33:40 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9283.yBUgiu_fcTnRdlL0_UFbdD_I4_OCgQQzWsjNEp4QmxYmMd4TlUUxYDOoMnAtJVrz.XHKI_6GL8Fmc2oQb_wYWV8XaXvU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9283.ACKgVxQK-eoMyXe8qOSICcS5JnlKwFwQ5A2oVtclzkxufNfCl95l1dmbMofxuiO2PhDa7lT1gszpZ2QdShuWvw%2C%2C.xsOuRDEr3M37LFbYjOpuSKhAZpk%2C

75 B
75 B

55ms
55ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9283.ACKgVxQK-eoMyXe8qOSICcS5JnlKwFwQ5A2oVtclzkxufNfCl95l1dmbMofxuiO2PhDa7lT1gszpZ2QdShuWvw%2C%2C.xsOuRDEr3M37LFbYjOpuSKhAZpk%2C

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:40 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9283.ACKgVxQK-eoMyXe8qOSICcS5JnlKwFwQ5A2oVtclzkxufNfCl95l1dmbMofxuiO2PhDa7lT1gszpZ2QdShuWvw%2C%2C.xsOuRDEr3M37LFbYjOpuSKhAZpk%2C
date: Tue, 25 May 2021 04:33:40 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 49ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:40 GMT
last-modified: Mon, 24 May 2021 17:15:41 GMT
etag: "60ab69bd-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 25 May 2021 05:33:40 GMT

GET
H2 200 prebid_v3.27.0_adtarget.js Show response
d2f6o1s2veeoj7.cloudfront.net/ Frame 8228 294 KB
294 KB 49ms
22ms Script
application/javascript 2600:9000:20eb:d600:7:6e4f:6cc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d600:7:6e4f:6cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cee03da6372aac6087621b63d577c941c783700c781be1443a42b24626021c34

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 03:52:09 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jan 2021 09:04:14 GMT
server: AmazonS3
age: 2511
etag: "43bed5597e2a691c101f2b9601b16c87"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 300872
x-amz-cf-id: gc0nNwGSY5NnOHsC45YYRcnyC1eo5boTltzotFyFfjC0yasuXCQHsw==

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/2527/ Frame 8228 32 KB
11 KB 101ms
31ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/2527/smart.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 679642add99b52d0e70450bf716f963f1defaed601e3c472108a3e27129c07ab

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:40 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=1
Content-Length: 11375
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 8228 2 KB
1 KB 6ms
6ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210525

Requested by

Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6aef7c004e8d9551468e7ba3afa304f8fef2e0a71c6ef432542b90081a9bb051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 40361
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 946
etag: W/"699-0CJm9egSPltQj3ljZWJXWc27UBs"
x-served-by: cache-fra19166-FRA
date: Tue, 25 May 2021 04:33:40 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8228 61 B
753 B 88ms
30ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

efeab73559fcc6d5b9a958ecba36f1b35213cc443c218b0cdebd66fc906f3f78

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:40 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.178:80
AN-X-Request-Uuid: 4a84d57f-351f-4d4e-a149-4c867b5bf6cc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 61
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
askfm-usd-d.openx.net/w/1.0/ Frame 8228 173 B
361 B 170ms
113ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://askfm-usd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fask.fm%2Fzipperdragon8103&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=dfc7ed36-00ac-4193-8742-eeaf95abf9f8&nocache=1621917220716&gdpr=0&x_gdpr_f=1&aus=300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x320%2C320x250%2C300x150&divIds=desktop_300x600&auid=540567299
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: ae3c4c495e3e54f94163b061e738eb97bac631f2f98f32007907eb71d26dc98a

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:40 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ask.fm
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8228 938 B
2 KB 142ms
77ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 65985dcfcaab798738d165704f6c42c10fab4386a03aeb105ea3704bdef06f72

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:40 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b23%3b78
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ask.fm
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 8228 24 B
368 B 178ms
110ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=388708&v=7.2&r=%7B%22id%22%3A%2272d3abbbfabf57%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22336x228%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A228%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22320x568%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A568%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22250x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x300%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22250x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22320x320%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A320%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22320x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2284e9f9b30a9f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x150%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fzipperdragon8103%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ae5130815a4778efc660602ed651239c9de825f1922316af8c0e3b9adf88bd81

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:40 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[FR], RC:[IDF], CN:[EU], CIP:[185.104.185.164], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ask.fm
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 28
expires: Tue, 25 May 2021 04:33:40 GMT

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ Frame 8228
Redirect Chain

https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?rnd=0.5411502042078329&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x32...
https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.5411502042078329&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C3...

522 B
931 B

35ms
35ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.5411502042078329&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fzipperdragon8103&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fzipperdragon8103&gdpr=0
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: dd8be889b25965837eb139dbeae4e895faa347a18f0379eadb02dbffce4371ce

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:40 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://ask.fm
expires: Tue, 25 May 2021 04:33:40 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 522
x-sid: AMS-742

Redirect headers

date: Tue, 25 May 2021 04:33:40 GMT
server: openresty
access-control-allow-origin: https://ask.fm
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.5411502042078329&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fzipperdragon8103&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fzipperdragon8103&gdpr=0
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-742

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 8228 0
136 B 96ms
30ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=83519847099
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:40 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8228 145 B
1 KB 151ms
92ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

55a3395bc0127d2f33ac74342f9ba5183c566edb06590b2791c7581ff89e0ada

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:40 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid: 6a3aff84-b254-475d-9129-ebc1db11ef9c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8228 145 B
1 KB 106ms
48ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4580dd5d9195a1484f6887d41c289f019eb6f64cfaa55f455de06934e1878439

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:40 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.59:80
AN-X-Request-Uuid: e280e8b8-8b26-483b-901a-43400fbf89e8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_prebid/ Frame 8228 84 B
379 B 135ms
49ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_prebid/
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 240776fce2938601113fe610b9cd8a1205c325df8f3ebc0cbb1ed5b5d7aa2b05

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 25 May 2021 04:33:40 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H/1.1 200
OK / Show response
ghb.console.adtarget.com.tr/v2/auction/ Frame 8228 1 KB
791 B 172ms
107ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.console.adtarget.com.tr/v2/auction/
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 8c3bd0206604cd99cfabccb30a4217884e646db7bb714a85f772b336323a7d51

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 25 May 2021 04:33:39 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 510

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 8228 22 B
350 B 143ms
80ms Script
application/javascript 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?nwid=2527&siteid=165769&pgid=830631&fmtid=96831&async=1&visit=m&tmstp=4847750294&tag=sas_96831&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fask.fm%2Fzipperdragon8103&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2527/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 08d2503bb471680472543885cfb3912a1d77c0de71645d837aac8d131bb18a1d

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:40 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b25%3b118
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H2 200 prebid_v3.27.0_adtarget.js Show response
d2f6o1s2veeoj7.cloudfront.net/ Frame ECA0 294 KB
294 KB 7ms
6ms Script
application/javascript 2600:9000:20eb:d600:7:6e4f:6cc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d600:7:6e4f:6cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cee03da6372aac6087621b63d577c941c783700c781be1443a42b24626021c34

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 03:52:09 GMT
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jan 2021 09:04:14 GMT
server: AmazonS3
age: 2511
etag: "43bed5597e2a691c101f2b9601b16c87"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 300872
x-amz-cf-id: znURJkwcWoSFKRuVaDP0w2Zb4DkEe1m-uNDmpOLJMBwVDHf_dVwt8g==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame ECA0 2 KB
987 B 19ms
19ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210525

Requested by

Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6aef7c004e8d9551468e7ba3afa304f8fef2e0a71c6ef432542b90081a9bb051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 40361
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 946
etag: W/"699-0CJm9egSPltQj3ljZWJXWc27UBs"
x-served-by: cache-fra19166-FRA
date: Tue, 25 May 2021 04:33:40 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame ECA0 1 KB
2 KB 104ms
64ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 429702afcd7aa19634ee6b6b3b52dc5864ca29c57dc7d50a4e80afc16915ec61

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:40 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b6%3b65
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ask.fm
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H2 200 arj Show response
askfm-usd-d.openx.net/w/1.0/ Frame ECA0 172 B
553 B 38ms
33ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://askfm-usd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fask.fm%2Fzipperdragon8103&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=1e5d3681-7575-4300-b4e8-fbbeb8c3abcc&nocache=1621917220767&gdpr=0&x_gdpr_f=1&aus=300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&divIds=infeed_desktop_4&auid=540567300
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 583956f94324a10b02c7a1cf495af04a4a53e689f3a9fb6cfb132f8dea5ec244

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:40 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ask.fm
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_prebid/ Frame ECA0 84 B
379 B 131ms
47ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_prebid/
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 395731bbf5905424910bac88159528e4ef02fa713082bbd0036d8d17624ec95b

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 25 May 2021 04:33:40 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame ECA0 61 B
753 B 65ms
29ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

efeab73559fcc6d5b9a958ecba36f1b35213cc443c218b0cdebd66fc906f3f78

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:40 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: 99a1ce07-e394-42be-b66a-6b4f012dfa2b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 61
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ Frame ECA0
Redirect Chain

https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?rnd=0.9163445112451596&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=https...
https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.9163445112451596&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=...

510 B
919 B

35ms
35ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.9163445112451596&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fzipperdragon8103&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fzipperdragon8103&gdpr=0
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: c0c8fab52bd23faf85d55360f9ee47fe6537f1fb63befc9f19bddda64534e160

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:40 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://ask.fm
expires: Tue, 25 May 2021 04:33:40 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 510
x-sid: AMS-742

Redirect headers

date: Tue, 25 May 2021 04:33:40 GMT
server: openresty
access-control-allow-origin: https://ask.fm
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.9163445112451596&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fzipperdragon8103&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fzipperdragon8103&gdpr=0
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-742

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame ECA0 145 B
1 KB 105ms
49ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

332af2c064777fd78548e8e11e409f891204b2965d2c1f9b40982d548a46a9fa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:40 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.48:80
AN-X-Request-Uuid: f95ab404-1d0d-4db8-a5e1-d347cc1ca06c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame ECA0 25 B
369 B 200ms
186ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=388708&v=7.2&r=%7B%22id%22%3A%2213462e64e452d98%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2214660cc65866782%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2214660cc65866782%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2214660cc65866782%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22336x228%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A228%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2214660cc65866782%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2214660cc65866782%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2214660cc65866782%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22250x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2214660cc65866782%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x300%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2214660cc65866782%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22320x320%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A320%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2214660cc65866782%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22320x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2214660cc65866782%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x150%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fzipperdragon8103%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43a6a06d1407a59d762a7a17f5c2c139f6eab37c605dac9f35c3e4400f0563c9

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:40 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[FR], RC:[IDF], CN:[EU], CIP:[185.104.185.164], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ask.fm
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 28
expires: Tue, 25 May 2021 04:33:40 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame ECA0 145 B
1 KB 131ms
76ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f75c949a2a0cce5cb47dc9ee2afed1393cb89cb36a98b4f14dd77196e756ce39

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:40 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.37:80
AN-X-Request-Uuid: d05904a5-83f7-4bfe-95c4-65088728b9be
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.console.adtarget.com.tr/v2/auction/ Frame ECA0 1 KB
793 B 169ms
123ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.console.adtarget.com.tr/v2/auction/
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 6abbc225f2a4334c1a2f201302ad8bea148b00be27446c1ff00e28939b7b4034

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 25 May 2021 04:33:39 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 512

GET
H2

200

1 Show response
mc.yandex.com/watch/48953915/
Redirect Chain

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A708%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A708%3Afu%3A0%3Aen%3Autf-...

236 B
294 B

49ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A1%3Adp%3A0%3Als%3A1612746507229%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063340%3Aet%3A1621917221%3Ac%3A1%3Arn%3A256530699%3Au%3A1621917221598797747%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621917219823%3Ads%3A1%2C304%2C195%2C1%2C0%2C0%2C%2C83%2C91%2C%2C%2C%2C587%3Adsn%3A1%2C304%2C195%2C1%2C0%2C0%2C%2C85%2C90%2C%2C%2C%2C587%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917221%3At%3Amangumphulynch%20%28%40zipperdragon8103%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

da99152e855fe6ad6e826fb421e8e168df6cf7fc7f425b8c5a4604d364cb2ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 25-May-2021 04:33:40 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 236
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:40 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:40 GMT
last-modified: Tue, 25-May-2021 04:33:40 GMT
location: /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A1%3Adp%3A0%3Als%3A1612746507229%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063340%3Aet%3A1621917221%3Ac%3A1%3Arn%3A256530699%3Au%3A1621917221598797747%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621917219823%3Ads%3A1%2C304%2C195%2C1%2C0%2C0%2C%2C83%2C91%2C%2C%2C%2C587%3Adsn%3A1%2C304%2C195%2C1%2C0%2C0%2C%2C85%2C90%2C%2C%2C%2C587%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917221%3At%3Amangumphulynch%20%28%40zipperdragon8103%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:40 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 48ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41f7c607aa0ae83dc735e3445740d9fbe19130ff98914feb887ca5458602c2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iYC8Nfb7aPC6Zykoyhs9Ew==
cross-origin-resource-policy: cross-origin
expires: Tue, 25 May 2021 04:52:11 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: ko4DOIjdW+7Qj7c3fazRdBHYGLHB9LicowEWWzdBkxlYynA+huBGdmWVlYAByzRIaUOAtWJ1QouahFk0CxGjOw==
x-fb-trip-id: 686109401
x-fb-content-md5: 22b429903a2a8edd4fdfb43c76c46bbe
date: Tue, 25 May 2021 04:33:40 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "960a2aaa8574ce0d2a6fad8bfa628196"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
32 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a2ec2c73d4174ffff6677b1d95a444ba894ddc7f4dc5cc1e561736add95de92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32367
x-xss-protection: 0
last-modified: Tue, 25 May 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 May 2021 04:33:40 GMT

GET
H2 200 3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response
cmp.optad360.io/items/ 2 B
357 B 56ms
28ms Script
application/javascript 2600:9000:21f3:da00:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:da00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:41 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 09:49:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 2
x-amz-cf-id: ff8jZWRlkSOiskYSG2qey-TdDWoN84904cP2bMLuv3QTNlu9uv4WKQ==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 255 KB
68 KB 33ms
8ms Script
application/javascript 2600:9000:21f3:4800:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e0941532e70d706aef15f35e1432835cd264136dd148bf3802eaff5003d52ea

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:21 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 09:54:50 GMT
server: AmazonS3
age: 20
etag: W/"c33938ad7b4d19b4a1024e88e093eb04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: uT7dQuXjs3UUeoJoRoFeRl-m2_WppYtVUvFqz5jy0JU2DuVhpFMNWg==

GET
H2 200 html.js Show response
viadata.store/slider/ 8 KB
5 KB 226ms
76ms Script
application/javascript 23.111.211.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://viadata.store/slider/html.js?sid=102415
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 557fad23ed9f127ff974d10134cb33823d5c9c7507bc115ff9583b103cb5211b

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server: nginx/1.19.5
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 216 KB
64 KB 33ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bede01210818d15248b805e1d8d938c3&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ffe97ec486ec7774cb9e7f2bb44ade7eebff70b9348d48b065e9d550659b60f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QVFXMCFf+54GMPr2k/qwIg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65226
x-fb-rlafr: 0
x-fb-debug: RwhxFAQtePKSvNacfwn2ZHMDOAasmWJf7Ivv2gcB93Fl+pZquyCRUkD0+yURGzyZD8VAGQwvjl2FSCRNi+z0EQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 96a77b4e53b3bfcf593b9c0bfcef61c3
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 25 May 2021 04:33:40 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "590884e16aa1b318a522a3019ba932a0"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 25 May 2022 03:11:24 GMT

GET
H/1.1 200
OK adscript.php Show response
askfm.adspirit.de/ Frame FE6C 3 KB
3 KB 221ms
79ms Script
text/javascript 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL

https://askfm.adspirit.de/adscript.php?pid=24

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

Software

Apache /

Resource Hash

3dc23ab307f18ae1767e2150d7d6bd8f0122e8c91dcefb92e03b9df3ac013a4c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: Apache
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript; charset=utf-8
content-length: 3088
x-xss-protection: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 47ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fzipperdragon8103&rl=&if=false&ts=1621917221033&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 25 May 2021 04:33:41 GMT

GET
H2 200 prebid4.28.1.js Show response
get.optad360.io/sf/ 463 KB
464 KB 7ms
7ms Script
application/javascript 2600:9000:21f3:4800:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.28.1.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1efea1ea1d5dacd4e53c4d220663ec89ebc5c91f6b99c4d7e8f3a670e901ff4

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 04:09:14 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
last-modified: Tue, 02 Mar 2021 09:09:00 GMT
server: AmazonS3
age: 1038268
etag: "584a9977889abad1ce606050f709f6b5"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 474184
x-amz-cf-id: dbDuiJOv_u2gjw0hG-l7XpZm1--c5mER0H-JfxY5S6y7CBUaPz8t9w==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1015 B 6ms
5ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210525

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6aef7c004e8d9551468e7ba3afa304f8fef2e0a71c6ef432542b90081a9bb051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 40362
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 946
etag: W/"699-0CJm9egSPltQj3ljZWJXWc27UBs"
x-served-by: cache-fra19166-FRA
date: Tue, 25 May 2021 04:33:41 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 hls.js Show response
cdn.viadata.store/static/js/ 235 KB
71 KB 391ms
124ms Script
application/javascript 23.111.115.172
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/static/js/hls.js
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:41 GMT
content-encoding: gzip
last-modified: Tue, 12 Jan 2021 14:39:05 GMT
server: nginx
etag: W/"5ffdb489-3ab3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-continent: EU
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 code.js Show response
viadata.store/tag/ 30 KB
15 KB 79ms
78ms Script
application/javascript 23.111.211.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://viadata.store/tag/code.js
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 9e18d136de6919f81e71cd18adbbd83a8dbbba1e5073b101f3ee35a826b7993a

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:41 GMT
cache-control: public
content-type: application/javascript
server: nginx/1.19.5
content-encoding: br
vary: Accept-Encoding
expires: Wed, 26 May 2021 04:33:41 GMT

GET
H2 200 site
logs.viadata.store/req/ 43 B
297 B 332ms
66ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/req/site?sid=102415&cid=0&uid=8c22ee2a-ecfb-45a0-ab3c-7d17f787347b&event=playerLoaded&cb=1621917221152

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 210323.js Show response
cdn.viadata.store/js/player/ Frame 4EE4 179 KB
75 KB 366ms
191ms Script
application/javascript 23.111.115.172
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/js/player/210323.js
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e1523bb7c50aeb3b7c37d26e7bd7e22977e11013b50865832a9db6b8fc19abc6

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:41 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 11:26:13 GMT
server: nginx
etag: W/"609e5e55-2cdc4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-continent: EU
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK adasync.min.js Show response
askfm.adspirit.de/ Frame FE6C 33 KB
33 KB 44ms
44ms Script
application/javascript 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://askfm.adspirit.de/adasync.min.js
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache /
Resource Hash: f09091df31ae66d41f2fef3ddcd70fdb7f3f016009c1c617d98a1548612f2cdb

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:41 GMT
last-modified: Fri, 18 Dec 2020 10:58:36 GMT
server: Apache
accept-ranges: bytes
etag: "82fc-5b6bafd748f00"
content-length: 33532
content-type: application/javascript

GET
H/1.1 200
OK adscript.php Show response
askfm.adspirit.de/ Frame FE6C 291 B
760 B 66ms
65ms Script
text/javascript 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL

https://askfm.adspirit.de/adscript.php?pid=24&wpcn=asmpvx6368601621917221&&ref=https%3A%2F%2Fask.fm%2Fzipperdragon8103&ptg=1&ptv=1&ptvaskfm_x26=&ptvaskfm_x30=&&gdpr=1&gdpr_consent=

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

Software

Apache /

Resource Hash

ae78f62cfad2e88c5136451482a8a2eba3cfef2b6c23caeb427ca6113c2bf86c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: Apache
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
x-ip: 185.104.185.164
content-type: text/javascript; charset=utf-8
content-length: 291
x-xss-protection: 0
expires: 0

GET
H2 200 asm_pageview.min.js Show response
cdn.adspirit.de/banner/ Frame FE6C 2 KB
1 KB 28ms
6ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adspirit.de/banner/asm_pageview.min.js
Requested by: Host: askfm.adspirit.de
URL: https://askfm.adspirit.de/adscript.php?pid=24&wpcn=asmpvx6368601621917221&&ref=https%3A%2F%2Fask.fm%2Fzipperdragon8103&ptg=1&ptv=1&ptvaskfm_x26=&ptvaskfm_x30=&&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 25 May 2021 04:33:41 GMT
content-encoding: gzip
x-77-nzt-ray: iehQUPK24OM=
x-77-cache: HIT
x-cache: HIT
x-age: 54240
x-77-nzt: AcO1ryx56dDv4NMAAA==
last-modified: Tue, 11 Jun 2019 08:31:43 GMT
server: CDN77-Turbo
etag: W/"3762381252"
access-control-allow-methods: GET, POST, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: range
expires: Sat, 10 Apr 2021 13:28:53 GMT

GET
H/1.1 200
OK adpageview.php
askfm.adspirit.de/ Frame FE6C 43 B
467 B 60ms
59ms Image
image/gif 85.215.2.53
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://askfm.adspirit.de/adpageview.php?&wsid=1&sid=1&sid2=0&sid3=0&gdpr_consent=&tz=1621917221616

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE),

Reverse DNS

Software

Apache /

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: Apache
p3p: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 43
x-xss-protection: 0
expires: 0

GET
H2 200 mov.m3u8 Show response
cdn.viadata.store/media/ 339 B
677 B 214ms
70ms XHR
application/vnd.apple.mpegurl 23.111.115.172
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/media/mov.m3u8
Requested by: Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 23deffedc6282ddb415e452d713ebe11ab459d10443387e33d1f8b1e5d3a1650

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:41 GMT
last-modified: Wed, 13 Jan 2021 10:15:09 GMT
server: nginx
etag: "5ffec82d-153"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-allow-credentials: true
x-continent: EU
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 339

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 371 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 viads-player-logo-50.png
cdn.viadata.store/static/ 10 KB
10 KB 84ms
84ms Image
image/png 23.111.115.172
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viadata.store/static/viads-player-logo-50.png
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:41 GMT
last-modified: Wed, 26 Feb 2020 10:23:58 GMT
server: nginx
etag: "5e56473e-26d1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
x-continent: EU
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9937

GET
H2 200 tags.php Show response
pl.viadata.store/assets/ Frame 4EE4 5 KB
1 KB 117ms
74ms XHR
application/json 23.111.211.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl.viadata.store/assets/tags.php?secured=1&language=en&page_url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&pub_sid=102415&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=ask.fm&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=221696&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=1&cb=1621917221754
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: eb7c189c7b381ef66e371579c9a7fc5016e7ac3b0e73b554ba0aa16fa146be55

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:41 GMT
content-encoding: br
access-control-allow-credentials: true
server: nginx/1.19.5
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 cs Show response
rtb-msk-2.viadata.store/vast/ Frame 4EE4 71 B
417 B 224ms
74ms XHR
application/xml 23.111.115.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb-msk-2.viadata.store/vast/cs?zone=102415&w=432&h=243&site=https%3A%2F%2Fask.fm%2Fzipperdragon8103&vp=2&cbb=1917221879

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
age: 0
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type, Accept

GET
H/1.1 200
OK v0 Show response
vtg1.rktch.com/ Frame 4EE4 21 B
417 B 219ms
70ms XHR
text/xml 176.99.5.169
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&siteid=102415&cbb=1917221881
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:41 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Access-Control-Max-Age: 0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, x-ad4-*

GET
H/1.1 200
OK rle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 4EE4 5 KB
6 KB 483ms
359ms XHR
text/xml 195.209.108.35
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222536&bn=1&bt=61&pz=0&w=400&h=220&vp=5&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=1917221882&tail256=https%3A%2F%2Fask.fm%2F
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.35 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: eb32ceaf4ddd73a40dcd735f4c8d96926d088850384583a0f4e60938afd72e90

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:42 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://ask.fm
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
ads.viralize.tv/vast/ Frame 4EE4 2 KB
2 KB 76ms
30ms XHR
text/xml 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=ask.fm&cbb=1917221882
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: 1a5c8cd0a6a5f20fa20aabbdebfc2c88bb4f2627bfe161293a0060148e40a39e

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google
expires: 0

GET
H/1.1 200
OK vast Show response
moevideo.biz/ Frame 4EE4 2 KB
1 KB 332ms
166ms XHR
application/xml 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/vast?ref=viads-ask.fm&impressionAfterPaid=1&es=1&vl=1&mvis=1&referrer=https%3A%2F%2Fask.fm%2Fzipperdragon8103&cbb=1917221882
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx / PHP/5.5.38
Resource Hash: cb5821c7f2229b215fd791ce3e7053cf4edab0a2c0c710bd2f701f5bdd18d4d8

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:42 GMT
Content-Encoding: gzip
X-Mv-Embed-Version: 1352
X-Powered-By: PHP/5.5.38
Transfer-Encoding: chunked
Connection: keep-alive
X-My-Reqtime: 0.083
Pragma: no-cache
Last-Modified: Tue, 25 May 2021 04:33:42 GMT
Server: nginx
X-My-Name: s39
Access-Control-Allow-Methods: GET, POST
Content-Type: application/xml
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
X-Mv-TryCache: 0
X-My-App-Time: 0.001
Access-Control-Allow-Headers: Content-Type, Accept
Expires: Thu, 19 Feb 1998 13:24:18 GMT

GET vast.php
emea.viadata.store/dynadmic/ Frame 4EE4 0
0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7205/i/ Frame 4EE4
Redirect Chain

https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=8c22ee2a-ecfb-45a0-ab3c-7d17f787347b&i=1621917221
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=8c22ee2a-ecfb-45a0-ab3c-7d17f787347b&i=1621917221

49 B
602 B

91ms
91ms

Image
image/gif

185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=8c22ee2a-ecfb-45a0-ab3c-7d17f787347b&i=1621917221

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 9
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Tue, 25 May 2021 04:33:42 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=8c22ee2a-ecfb-45a0-ab3c-7d17f787347b&i=1621917221
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 71ms
65ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917221875&tid=2110

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 73ms
66ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917221879&tid=2106

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 73ms
66ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917221880&tid=2552

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 73ms
67ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917221881&tid=2108

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 73ms
66ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917221881&tid=4760

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 73ms
67ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917221882&tid=2111

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 73ms
67ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917221882&tid=2555

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 73ms
68ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917221882&tid=2109

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 73ms
68ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917221883&tid=601

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:41 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
73 B 193ms
98ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=896397683&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&rn=92758328&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621917223%3Aw%3A1600x1200%3Av%3A523%3Az%3A120%3Ai%3A20210525063342%3Au%3A1621917221598797747%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621917223

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:43 GMT
last-modified: Tue, 25-May-2021 04:33:43 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:43 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 142ms
49ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=896397683&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&rn=178379412&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1621917223%3Aw%3A1600x1200%3Av%3A523%3Az%3A120%3Ai%3A20210525063342%3Au%3A1621917221598797747%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621917223

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:43 GMT
last-modified: Tue, 25-May-2021 04:33:43 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:43 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 8228 83 KB
27 KB 41ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: d2f6o1s2veeoj7.cloudfront.net
URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:43 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 May 2021 04:33:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 73A7 0
326 B 41ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ask.fm

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=ask.fm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1906
set-cookie: uid=6805d33b-09ea-47aa-94a4-ec68290563db; expires=Wed, 25 May 2022 04:33:43 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Tue, 25 May 2021 04:33:43 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 8228 83 KB
27 KB 40ms
14ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:43 GMT
content-encoding: gzip
last-modified: Thu, 20 May 2021 06:12:34 GMT
server: nginx
etag: W/"60a5fdd2-14a5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 May 2021 04:33:43 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 38ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1482
date: Tue, 25 May 2021 04:33:43 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 optad360.js Show response
serving.stat-rock.com/player/ 303 KB
95 KB 138ms
57ms Script
application/javascript 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/optad360.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 37afcc50aed647983a6e055ccfdcb8ffb5edc9f759d42330a10edb6585f971f7

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:44 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 07:13:31 GMT
server: nginx
etag: W/"609b801b-4bbf3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1
https://mug.criteo.com/sid?cpp=uq1hUXxNeTY2RUhhTDVqaFVLcFp2NnhLeHBRTy9oS0IrYzVZZlhtMEZBdkJzSGRCbUMrODdaN3p0WGdMRVBqa2haMnpXR0d5Y0wzeEcrYlRQRVhLelc2b3JjL1R0aUtqR3Y4NEovZW1aOVpXRWNuaWhUa0VVaW15VE5GV3...

419 B
683 B

61ms
21ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uq1hUXxNeTY2RUhhTDVqaFVLcFp2NnhLeHBRTy9oS0IrYzVZZlhtMEZBdkJzSGRCbUMrODdaN3p0WGdMRVBqa2haMnpXR0d5Y0wzeEcrYlRQRVhLelc2b3JjL1R0aUtqR3Y4NEovZW1aOVpXRWNuaWhUa0VVaW15VE5GV3c2Z09PK3ZZMXlvK2JaL2tjbkdNb2xRNWZJd09PWi9QcXRGOTBvbjE0QmVlV1Z0TzF4QnU0ZkNxYlMyaVdoMWk4bGIyVmtYNXI2TmVwajJ6ai8vaGNydHBYSWpFZnlDZGFQYVd5dnVObVZsaWxybnArblI4V2EvaDEzUGJmTldxVytqbWdPdHpZfA&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b3b0ef2b10db3b888a68dfffe70f0e91591e3b06b727d0e7b84f22392265e5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 25 May 2021 04:33:44 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2087
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 25 May 2021 04:33:43 GMT
location: https://mug.criteo.com/sid?cpp=uq1hUXxNeTY2RUhhTDVqaFVLcFp2NnhLeHBRTy9oS0IrYzVZZlhtMEZBdkJzSGRCbUMrODdaN3p0WGdMRVBqa2haMnpXR0d5Y0wzeEcrYlRQRVhLelc2b3JjL1R0aUtqR3Y4NEovZW1aOVpXRWNuaWhUa0VVaW15VE5GV3c2Z09PK3ZZMXlvK2JaL2tjbkdNb2xRNWZJd09PWi9QcXRGOTBvbjE0QmVlV1Z0TzF4QnU0ZkNxYlMyaVdoMWk4bGIyVmtYNXI2TmVwajJ6ai8vaGNydHBYSWpFZnlDZGFQYVd5dnVObVZsaWxybnArblI4V2EvaDEzUGJmTldxVytqbWdPdHpZfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1803
content-length: 509
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
449 B 228ms
133ms XHR
application/json 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTFmZDAxMjI2LTcyYjMtNGJjOS04YjhmLWEzNDNlZjQ3MmM0YyZyY3VyPVBMTg%3D%3D&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPTk1OGUyZGY3LWQ1MjUtNDQ5Ny05NmUwLWE2MDQyYzViMjBhYyZyY3VyPVBMTg%3D%3D&pt=gross&stid=696421a0-6de5-4195-b888-b3c6b645dd69&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:44 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 10
expires: -1

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
358 B 88ms
29ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ask.fm
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 46ms
45ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

77cf9c1612dcbfc5626f271d1fbcd09f940ce329f2ecad4964bf22bb3b8f210c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:44 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid: 924d67ef-1e95-40b8-b7fa-11a39f459a41
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
377 B 56ms
41ms XHR
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 May 2021 04:33:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://ask.fm
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 654c0c1aa9b43237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a4365e4a7000032377e9b1000000001

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
369 B 44ms
44ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221155a0614574caa%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fzipperdragon8103%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.28.0%22%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22122b7dc306e3708%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22122b7dc306e3708%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22122b7dc306e3708%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 955cde192ca67fbfa7b2b09e43f72b171f7a0870d6f98a5b545eb549465e94a7

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:44 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[FR], RC:[IDF], CN:[EU], CIP:[185.104.185.164], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ask.fm
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 28
expires: Tue, 25 May 2021 04:33:44 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
359 B 312ms
104ms XHR
text/plain 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:44 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 102ms
102ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

40b784aed91e0f7d6d756bd7af24b82055d3f0a98480eaa6829d41cc295d16ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:44 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid: 9325597a-df88-4d43-b978-6b3497c9af19
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 72ms
21ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1217
date: Tue, 25 May 2021 04:33:43 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Cookie set zipperdragon8103 Show response
ask.fm/ 16 KB
6 KB 163ms
163ms XHR
text/html 193.138.77.142
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/zipperdragon8103

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.142 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

f1c670c430666ae5141b335260e90338873051526ead9ad670e06c14f611debf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://ask.fm/zipperdragon8103
Cookie: locale=en; uuid=d82b8aae-4965-4f96-98bc-16687116dbce; country=FR; traffic_source=organic; _ym_uid=1621917221598797747; _ym_d=1621917221; _ym_isad=2; _m_ask_fm_session=U3F0TnN4WHZFZlY2WXZmRHFHTVdPRmgvQjN6V0ZBbVFBWXpDbVVmV0s0OC9FdlBDTk1OampiQjRnSlk0ZjhGMGQvR1p6L29STkhhbDZLRTN1TWM3SEVXTUpqeXZhb21ERUFobmh2bkU5cXZnakRGejdhUVBrTy9hSjEwVnRMK3RMcFZBbjlmSms4b0xGZk96c1pSVnYrZDRhQ2g3VWRhNGtnMmovYkFySzJBQzNYQVpPWGpNQnMreU5aM3ZsOVdKeG45UWtRdE02TllZc3ZFVnlWdVUwTHhqVGVsM3NVQ2lQbkswaTdoNjBic1VBdDRhNGRFMEpsMjJUSXpVbkhmbS0tZWdUcUIwN2xncWhqVmVlY2RadHNNUT09--046de8fceb2f1ad8b5b6382e9636610c27bc7cfc; _ym_visorc=w; _pbjs_userid_consent_data=6683316680106290; cto_bidid=L67GVF9WQUhITGhGODFPUHRMMG16bFllZGtYU0xUVDZEZDE0YUUwWGxHRTAyc01RdXYzM0N0OXlCaWl4S0FyOFFvUjNybnhIeCUyRkdlcnM1MENIQWRveWs1MDFQR2oxQ01QV2hBMkNoWVRDVDhLRSUyQjAlM0Q; cto_bundle=dY6ca19yWlFacEE0TzlPTDczTGwlMkJ5VHNKMW1ZN0YxS2pSVFlLJTJCaWg1RmdrVnhsNmMlMkZhQmxwMjZ6YiUyRkZCazdPNDRRN2glMkZDeUtHVFR6SjM1TEJYUEw0Q3VodmNuTXNhakMlMkJPUm5tS285V0d3SDJaaHA3SmZyRDY0eGoxUDNBMXRlU2lxJTJCelJxaWhRSnVHek5Wck9RSUpGRnolMkJBJTNEJTNE
Connection: keep-alive
Referer: https://ask.fm/zipperdragon8103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"9ffe3156517ac3a39edeb617a5e0992b"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Wed, 25 May 2022 10:33:44 -0000 _m_ask_fm_session=c3hPTGdaUlMzbWluc2QvbnFkQTVxencrd0k5TUMvZlczVGZhWnMvUjR0bGFJbkl2L1lydFRUODQ1bzhzRUQxdXhyNDhBTHZjL0RXb0JxbFJpeVZlUWE4eDF5UXBFZkxtSVl3aUNGQU1NQ1FnalUvQlh5SVdMQnJGU2pUdGwvTWxjRHZiZmNaUUxRd0t5OFdNSDBQUzdxRzAvRkdUWHNWUTEvTFZpdU5Yd2RONGhYVHhVdjdjek9xWEQ0YjhDOHA5T3RWZkNSS05SelYxSmhHS2VQTXFUZ3E0aVNoU2pqRDBJTlpEd2RmL1daRjVscUljRjhSNEUydU9FNUxwSUJrOC0tM1FNQ0hHaVp3dnd6NEVHMVlSRTRvQT09--4de0dd394406b09b427b779bb436eca48228f93c; path=/; expires=Fri, 28 May 2021 04:33:44 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
163 B 115ms
37ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1621917224697.5498&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fzipperdragon8103&t=460&v=88&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.5767844660504431
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:44 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 116ms
38ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1621917224697.5498&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fzipperdragon8103&t=469&v=88&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.7914210359115563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:44 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK Cookie set zipperdragon8103 Show response
ask.fm/ 16 KB
6 KB 167ms
166ms XHR
text/html 193.138.77.142
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/zipperdragon8103

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.142 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

7368fe1368d514d2438ec6bb0b6663634e627e61a760c4eb5a8af574ae0e3ccc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://ask.fm/zipperdragon8103
Cookie: locale=en; uuid=d82b8aae-4965-4f96-98bc-16687116dbce; country=FR; traffic_source=organic; _ym_uid=1621917221598797747; _ym_d=1621917221; _ym_isad=2; _ym_visorc=w; _pbjs_userid_consent_data=6683316680106290; cto_bidid=L67GVF9WQUhITGhGODFPUHRMMG16bFllZGtYU0xUVDZEZDE0YUUwWGxHRTAyc01RdXYzM0N0OXlCaWl4S0FyOFFvUjNybnhIeCUyRkdlcnM1MENIQWRveWs1MDFQR2oxQ01QV2hBMkNoWVRDVDhLRSUyQjAlM0Q; cto_bundle=dY6ca19yWlFacEE0TzlPTDczTGwlMkJ5VHNKMW1ZN0YxS2pSVFlLJTJCaWg1RmdrVnhsNmMlMkZhQmxwMjZ6YiUyRkZCazdPNDRRN2glMkZDeUtHVFR6SjM1TEJYUEw0Q3VodmNuTXNhakMlMkJPUm5tS285V0d3SDJaaHA3SmZyRDY0eGoxUDNBMXRlU2lxJTJCelJxaWhRSnVHek5Wck9RSUpGRnolMkJBJTNEJTNE; _m_ask_fm_session=c3hPTGdaUlMzbWluc2QvbnFkQTVxencrd0k5TUMvZlczVGZhWnMvUjR0bGFJbkl2L1lydFRUODQ1bzhzRUQxdXhyNDhBTHZjL0RXb0JxbFJpeVZlUWE4eDF5UXBFZkxtSVl3aUNGQU1NQ1FnalUvQlh5SVdMQnJGU2pUdGwvTWxjRHZiZmNaUUxRd0t5OFdNSDBQUzdxRzAvRkdUWHNWUTEvTFZpdU5Yd2RONGhYVHhVdjdjek9xWEQ0YjhDOHA5T3RWZkNSS05SelYxSmhHS2VQTXFUZ3E0aVNoU2pqRDBJTlpEd2RmL1daRjVscUljRjhSNEUydU9FNUxwSUJrOC0tM1FNQ0hHaVp3dnd6NEVHMVlSRTRvQT09--4de0dd394406b09b427b779bb436eca48228f93c
Connection: keep-alive
Referer: https://ask.fm/zipperdragon8103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"d67d2ccdc4becbf9bfa821a0595b4c78"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Wed, 25 May 2022 10:33:44 -0000 _m_ask_fm_session=VUwwT1A5RHdYN3FqRGpxMVY3KzVublp1Y2ZhRHRpY3dZUkJYc2dpdWZwN0srMGZBYStXeFBIWEZsc3Z0VnlpYkhjN0tKR1RMSmpYWHpISEN5bks3a3ZENSt1Zll0U0dzcVdOREg1VUs3RWZPR1ZmNmxZY2dSeWpyTkRSakpvalBBMGVRWUNoemVvS0ZHcUhnYnNvRzQxTkJrY1dLdlk5VW1OR0RIYm1Bdm82ZElNTDU2aDhVaDQ1bjVMRUwwcWpKRzBGZ3g3V2VoQlIrblBwNVQ3UE9LVkhRUXk5bHJvcHF6bStleXVZZ0hYRW5vSzJRTUJ5dkpoU0RWZnc3NVNaYS0teFVkNmxGQWFKSFRtc3dXS3VVQWxYUT09--62f1fc4bd671ae83721be85cac8b4da7554a4d19; path=/; expires=Fri, 28 May 2021 04:33:45 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 38ms
37ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1621917224697.5498&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fzipperdragon8103&t=638&v=88&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.3405511698242003
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:44 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 147ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=896397683&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&rn=847333629&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621917225%3Aw%3A1600x1200%3Av%3A523%3Az%3A120%3Ai%3A20210525063344%3Au%3A1621917221598797747%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621917225

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:45 GMT
last-modified: Tue, 25-May-2021 04:33:45 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:45 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 38ms
38ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1621917224697.5498&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fzipperdragon8103&t=808&v=88&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.24376686071025655
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:45 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 38ms
38ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1621917224697.5498&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fzipperdragon8103&t=808&v=88&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.037123679129247744
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:45 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 52ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=896397683&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&rn=48230175&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621917227%3Aw%3A1600x1200%3Av%3A523%3Az%3A120%3Ai%3A20210525063346%3Au%3A1621917221598797747%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621917227

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:46 GMT
last-modified: Tue, 25-May-2021 04:33:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:46 GMT

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 3CC7 1 KB
774 B 25ms
24ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

date: Tue, 25 May 2021 04:33:47 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
cf-request-id: 0a4365f19400003237b3264000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 654c0c2f5df23237-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 392C 2 KB
1 KB 100ms
33ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 25 May 2021 04:33:47 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame F2B9 2 KB
818 B 29ms
29ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1621917224181

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1621917224181
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 13C6 52 KB
17 KB 104ms
37ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.28.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 26 May 2021 04:33:49 GMT
Date: Tue, 25 May 2021 04:33:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ 0
55 B 29ms
29ms Image
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame D1F0 0
0 19ms
17ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: sync-eu.connectad.io
:scheme: https
:path: /syncer/1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cadsync
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.connectad.io/

Response headers

date: Tue, 25 May 2021 04:33:47 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a4365f1b500003237b2930000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 654c0c2f8e2b3237-FRA

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 4496
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

39ms
38ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 18e9f121a9bc0d87790b6868e7590deace3d556cb5ed36694a4eadbdb9211165

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YKx.KxrqeTZIH70N0lsBBgAA; CMPS=1219
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|230|241|65|40|47|81
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1793
Expires: Tue, 25 May 2021 04:33:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
Connection: keep-alive
Set-Cookie: CMID=YKx.KxrqeTZIH70N0lsBBgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 25 May 2022 04:33:47 GMT CMPS=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 23 Aug 2021 04:33:47 GMT CMPRO=1122;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 23 Aug 2021 04:33:47 GMT CMST=YKx+K2CsfisA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 26 May 2021 04:33:47 GMT CMRUM3=2760ac7e2b0b40&4160ac7e2b05a0&2d60ac7e2b05a0&f160ac7e2b05a0&5160ac7e2b05a0&2860ac7e2b05a00&2f60ac7e2b05a0&e660ac7e2b2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 25 May 2022 04:33:47 GMT

Redirect headers

Server: Apache
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 25 May 2021 04:33:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
Connection: keep-alive
Set-Cookie: CMID=YKx.KxrqeTZIH70N0lsBBgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 25 May 2022 04:33:47 GMT CMPS=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 23 Aug 2021 04:33:47 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 13C6
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
826 B

29ms
28ms

Script
text/html

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid: 54f354c4-ed1b-4f5a-bac9-9a47ed29eeb2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid: 18403c88-26dc-4c23-9070-556f8b455ceb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4496
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YKx.KxrqeTZIH70N0lsBBgAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YKx.KxrqeTZIH70N0lsBBgAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPAXO6U_TOW_fW8JwnT5sVk&google_cver=1&google_hm=2

43 B
1 KB

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPAXO6U_TOW_fW8JwnT5sVk&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 May 2021 04:33:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPAXO6U_TOW_fW8JwnT5sVk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4496 70 B
265 B 113ms
37ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YKx.KxrqeTZIH70N0lsBBgAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 4496
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YKx-KxrqeTZIH70N0lsBBgAABGIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YKx-KxrqeTZIH70N0lsBBgAABGIAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKvPIUqswTc_nGq2Y2-N0Ps&google_cver=1

43 B
315 B

30ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKvPIUqswTc_nGq2Y2-N0Ps&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 25 May 2021 04:33:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKvPIUqswTc_nGq2Y2-N0Ps&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4496
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKx-KxrqeTZIH70N0lsBBgAABGIAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKx-KxrqeTZIH70N0lsBBgAABGIAAAAB&dcc=t

43 B
433 B

100ms
99ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKx-KxrqeTZIH70N0lsBBgAABGIAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YKx-KxrqeTZIH70N0lsBBgAABGIAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 4496
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622003627&gdpr=1

43 B
315 B

104ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622003627&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 25 May 2021 04:33:47 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622003627&gdpr=1
pragma: no-cache
date: Tue, 25 May 2021 04:33:47 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4496
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=kSeNkTxF1LLoLh5&gdpr=1

43 B
1 KB

38ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=kSeNkTxF1LLoLh5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 May 2021 04:33:47 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-04527eea692282deb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=kSeNkTxF1LLoLh5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4496
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Q2yIXUI521xYPd0JTWvECkU_21pYbNsGFm4Jbqrc

43 B
1013 B

104ms
37ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Q2yIXUI521xYPd0JTWvECkU_21pYbNsGFm4Jbqrc
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 May 2021 04:33:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=Q2yIXUI521xYPd0JTWvECkU_21pYbNsGFm4Jbqrc
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4496 43 B
425 B 33ms
32ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YKx.KxrqeTZIH70N0lsBBgAA%261122
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:47 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2667
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 May 2021 05:18:14 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 6033
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

99ms
98ms

Document
text/html

35.170.231.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.231.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-231-210.compute-1.amazonaws.com
Software: /
Resource Hash: d22aab528f8ff6e3f1a6640a048a11335ac5995890767a9bdda952e2178f0e28

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=b51c532c-8072-46ef-9fc8-652652978e91
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Tue, 25 May 2021 04:33:48 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Tue, 25 May 2021 04:33:48 GMT
pragma: no-cache

Redirect headers

date: Tue, 25 May 2021 04:33:47 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=b51c532c-8072-46ef-9fc8-652652978e91; Path=/; Domain=eqads.com; Expires=Wed, 25 Aug 2021 04:33:47 GMT; Secure; SameSite=None

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 6033 43 B
1 KB 33ms
33ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=b51c532c-8072-46ef-9fc8-652652978e91&expiration=1629866028
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 May 2021 04:33:48 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 13C6 0
754 B 30ms
30ms Script
text/html 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:48 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid: 93dc74c3-128f-4948-b263-860d8894ff00
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 viralize_vpaid.min.d7315bd0.js Show response
static.viralize.tv/ Frame 2EBB 60 KB
18 KB 27ms
6ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 86034ce77b3a6b40a35a983344766af5d5f5321ef04e81ec86cb2332d8676d66

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:48 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UyxHxuxGZDgkzbQKsyqv9ajuEjm7T9MrbV8s9MKaJ3LA6_yYHidPWtOtK_po3yE6K713RoO6LTBtZfgBYSieEuI8ugKxg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 18173
last-modified: Mon, 17 May 2021 13:15:57 GMT
server: UploadServer
etag: "d7315bd0cad47e1de22db2bcee62a5da"
vary: Accept-Encoding
x-goog-hash: crc32c=LNcUbg==, md5=1zFb0MrUfh3iLbK87mKl2g==
x-goog-generation: 1621257357658649
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 61774
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 24 Jun 2021 04:33:48 GMT

GET
H/1.1 200
OK vpaid.min.js Show response
moevideo.biz/embed/player/1661/vpaid/ Frame 2D98 7 KB
3 KB 80ms
79ms Script
application/x-javascript 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3cedeedecd228caa058b365fd4dd4a40f1995c71bc979fe79827bb752bbe2b8

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 12:17:35 GMT
Server: nginx
X-My-Name: s3
ETag: W/"60758bdf-1c64"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive
X-My-Reqtime: 0.000

GET
H2 200 context.js Show response
an.yandex.ru/system/ 136 KB
38 KB 147ms
58ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

914364ce3cc110a5c057fb8fbac24d6a11a6810c15bf059c59378a12cd4b6f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 2059866192
x-yandex-req-id: 1621917229031973-1144748020136888749000197-production-app-host-vla-pcode-52
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 25 May 2021 05:33:49 GMT

GET
H2 200 / Show response
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/ 2 KB
825 B 135ms
41ms Script
text/javascript 168.119.149.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=81771089902
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.178.149.119.168.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 16 B
405 B 31ms
31ms Script
application/javascript 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?pgid=692816&insid=5733718&tmstp=6868230192&out=js
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:48 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ask.fm
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

GET
H2 200 / Show response
ads.viralize.tv/player/ Frame 2EBB 7 KB
3 KB 39ms
39ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1917221882&sid=01ebbd12623138f2dc673946445a1231&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%220179a1ccdf8dc1430483c7f9607c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1356%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%2C%22pub_platform%22%3A%22%22%7D&dd=ask.fm&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: 3fa21b93719b27fbbac717aa68f4f8a113cc0850a548aa5f001716dcd31ea33c

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:48 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.17.0/ Frame 2675 25 KB
10 KB 46ms
14ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:48 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2017 16:58:06 GMT
server: Fastly
age: 1841
etag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 9634

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame 2675 95 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 21:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285234
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34056
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 21:19:54 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame 2675 72 B
558 B 42ms
13ms Script
text/javascript 2a04:4e42:200::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 7692183
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Wed, 24 Feb 2021 10:10:21 GMT
date: Tue, 25 May 2021 04:33:48 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2675 334 KB
115 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117244
x-xss-protection: 0
expires: Tue, 25 May 2021 04:33:48 GMT

GET
H2 200 viralize_player.min.fabab513.js Show response
static.viralize.tv/ Frame 2675 620 KB
180 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_player.min.fabab513.js?e=ops
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js?e=ops
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 817384cf858af3b24293ea9cdce876477a4ec2e6bd1bd37ff7d0a4012f97f8f8

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:48 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UzZwiawvFQK0QGKXn3hbnc5nDg9xqsykLslK0I39OuMk8ImlvIoU94w4_QAxV0ZsQa7N617yhc2wPUEf8epnB3H6yuJBw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 182957
last-modified: Fri, 21 May 2021 11:25:00 GMT
server: UploadServer
etag: "fabab513c32ae27db080ed8283cdc6d5"
vary: Accept-Encoding
x-goog-hash: crc32c=D/dkTg==, md5=+rq1E8Mq4n2wgO2Cg83G1Q==
x-goog-generation: 1621596300129205
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 634663
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 24 Jun 2021 04:33:48 GMT

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
600 B 99ms
40ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1621917228852041-352
Expires: Tue, 25 May 2021 04:33:49 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 52ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=4&wv-hit=896397683&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&rn=359928598&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621917229%3Aw%3A1600x1200%3Av%3A523%3Az%3A120%3Ai%3A20210525063348%3Au%3A1621917221598797747%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621917229

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:48 GMT
last-modified: Tue, 25-May-2021 04:33:48 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:48 GMT

GET
H/1.1 200
OK Cookie set vpaid Show response
moevideo.biz/embed/ Frame C0A0 21 KB
9 KB 242ms
241ms Document
text/html 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx / PHP/5.5.38
Resource Hash: 60408b672ba6458703294ab03864575a4d250442c549f63d9c9196ed66447613

Request headers

Host: moevideo.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Server: nginx
Date: Tue, 25 May 2021 04:33:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.38
Set-Cookie: mvuid=2c9b7ca5ee3973863919;expires=Wed, 25-May-2022 07:33:49 GMT;Max-Age=31536000;path=/;SameSite=None mvsid=79edd8af-c10e-46ea-9def-d9c67e1e48b6;path=/;SameSite=None
X-My-Adv-Time: 0.00173306465149
Expires: Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified: Tue, 25 May 2021 04:33:49 GMT
Cache-Control: max-age=0
Pragma: no-cache
X-Mv-TryCache: 0
X-My-App-Time: 0.008
X-Mv-Embed-Version: 1352
X-My-Name: s28
X-My-Reqtime: 0.108
Content-Encoding: gzip

GET
H2 200 polyfill.min.js
polyfill.io/v3/ Frame 2675 72 B
139 B 13ms
13ms Other
text/javascript 2a04:4e42:200::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 7692183
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Wed, 24 Feb 2021 10:10:21 GMT
date: Tue, 25 May 2021 04:33:49 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 2675 65 B
642 B 93ms
92ms XHR
text/xml 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1052170&t=2&url=https%3A%2F%2Fask.fm&gdpr=1&gdpr_consent=&w=432&h=243&t=1&random=1621917228

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 2675 0
96 B 27ms
27ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd12623138f2dc673946445a1231&item=YWRuXzY4NjQCqIY-zq6lUg%3D%3D.1.wp1sc1
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 65d7ca89b63ea91cc6f9.js Show response
yastatic.net/partner-code-bundles/14704/ 12 KB
5 KB 42ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14704/65d7ca89b63ea91cc6f9.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

83b9ce69a9267aa37d9fdfcbe4539fc9bae9ddafc91f82625c5e2284104203f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4205
last-modified: Thu, 20 May 2021 14:51:44 GMT
server: nginx/1.17.9
etag: "2068d3ea494c55128ab0864d467eea48"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 May 2051 11:07:47 GMT

GET
H2 200 5fd6f7d82a32bf9a115f.js Show response
yastatic.net/partner-code-bundles/14704/ 404 KB
87 KB 42ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14704/5fd6f7d82a32bf9a115f.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

16fd695ea13329e84a86bff1ce2b9bc23d807ced7c4106a932521587b1dda33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 88341
last-modified: Thu, 20 May 2021 14:51:44 GMT
server: nginx/1.17.9
etag: "6dc2a899b3e4fe6ed4b8a1b6201a9692"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 May 2051 11:07:47 GMT

GET
H2 200 c4eafe9fde631edbcfc8.js Show response
yastatic.net/partner-code-bundles/14704/ 252 KB
43 KB 48ms
48ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14704/c4eafe9fde631edbcfc8.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

acefa93cfdc556413f965eec9bb9602e1f347c7ba5197f2b6e991c99ad65d59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 43598
last-modified: Thu, 20 May 2021 14:51:44 GMT
server: nginx/1.17.9
etag: "99ef12c90c09e75ca2d01e8ef75bbbad"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 May 2051 11:08:00 GMT

GET
H2 200 advast Show response
ice.360yield.com/ Frame 2675 27 B
437 B 163ms
90ms XHR
application/xml 52.58.124.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22297298&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fask.fm&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.124.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:49 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 2675 0
82 B 26ms
26ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd12623138f2dc673946445a1231&item=YWRuXzUyMDABVS7K5Q4_fA%3D%3D.2.wp2sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 1 Show response
mc.yandex.com/watch/48953915/ 43 B
157 B 52ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48953915/1?page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A1%3Adp%3A1%3Als%3A1612746507229%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063349%3Aet%3A1621917229%3Ac%3A1%3Arn%3A797068501%3Au%3A1621917221598797747%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621917219823%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1053%2C1053%2C2%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1053%2C1053%2C2%2C%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917229

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:49 GMT
last-modified: Tue, 25-May-2021 04:33:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:49 GMT

GET
H2 200 652294 Show response
an.yandex.ru/meta/ 141 B
746 B 167ms
167ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/652294?grab=dG1hbmd1bXBodWx5bmNoIChAemlwcGVyZHJhZ29uODEwMykg4oCUIEFzayBtZSBhbnl0aGluZyB8IEFTS2ZtCjFtYW5ndW1waHVseW5jaCAKMkFib3V0IG1hbmd1bXBodWx5bmNoOiAKMm1hbmd1bXBodWx5bmNoIHBob3RvIGdhbGxlcnk6IAoyIEFzayBAemlwcGVyZHJhZ29uODEwMyA6IAoyIEFib3V0IG1hbmd1bXBodWx5bmNoOiAKMiBtYW5ndW1waHVseW5jaCBwaG90byBnYWxsZXJ5OiAK&target-ref=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&pcode-test-ids=363741%2C0%2C9%3B364539%2C0%2C63%3B356980%2C0%2C43%3B330366%2C0%2C73%3B351579%2C0%2C22&pcode-flags=%7B%22USE_WIDGET_FROM_PCODE%22%3Atrue%2C%22COMBO_HEADER%22%3A%22withoutHeader%22%2C%22SINGLE_CONTEXT_BLACKLIST%22%3A%5B%5D%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22USE_SMART_SSR%22%3A%221%22%2C%22SINGLE_CONTEXT%22%3Atrue%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22constructor%22%2C%22modernAdaptive%22%5D%2C%22SSR_UNIFORMAT%22%3A%221%22%2C%22SSR_PERCENT_LOGGING%22%3A0.1%2C%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%5D%2C%22COMBO_PACKSHOT_EXP%22%3A%22exp%22%2C%22LEADERBOARD_VIDEO%22%3A%22exp%22%2C%22VIDEO_EARS_FLAGS%22%3A%22ctl%22%2C%22RMP_POSTER_2%22%3A%22float%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0Aconstructor%0AmodernAdaptive&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=3554589081621917229&imp-id=2&enable-flat-highlight=1&test-tag=202310139510786&ad-session-id=5340601621917229164&target-id=72676036&tga-with-creatives=1&pcode-version=14704&pcodever=14704&flash-ver=0&available-width=432&available-height=243&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A432%2C%22h%22%3A243%2C%22width%22%3A432%2C%22height%22%3A243%2C%22visible%22%3A0%2C%22left%22%3A584%2C%22top%22%3A1356%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&uniformat=true&callback=Ya%5B7260440325699%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d68344ec2b50888b7070a552a883bb332e1f1f79f27c87a4211db96528c30f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 04:33:49 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1621917229208023-759715037919359786800106-production-app-host-sas-pcode-130
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 May 2021 04:33:49 GMT

GET
H2 204 /
ads.viralize.tv/track/ Frame 2675 0
39 B 26ms
25ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd12623138f2dc673946445a1231%3A0%3AYWRuXzY4NjQCqIY-zq6lUg%3D%3D~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzY4NjQCqIY-zq6lUg%3D%3D~wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H/1.1 200
OK styles.css
moevideo.biz/embed/player/1661/skins/gray/ Frame C0A0 54 KB
16 KB 89ms
89ms Stylesheet
text/css 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1661/skins/gray/styles.css
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Referer: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 12:16:35 GMT
Server: nginx
X-My-Name: s2
ETag: W/"60758ba3-d99f"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
X-My-Reqtime: 0.000

GET
H/1.1 200
OK mvplayer.min.js Show response
moevideo.biz/embed/player/1661/ Frame C0A0 574 KB
165 KB 180ms
88ms Script
application/x-javascript 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5ac8bf8a7a52ce541b0804f46220ad95e33b718a2e5c3d028bdf1434848d6731

Request headers

Referer: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 12:17:46 GMT
Server: nginx
X-My-Name: s1
ETag: W/"60758bea-8f7eb"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive
X-My-Reqtime: 0.000

GET
H/1.1 200
OK set Show response
playreplay.me/api/cookie/ Frame C0A0 0
332 B 335ms
168ms Script
text/plain 92.223.103.37
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%222c9b7ca5ee3973863919%22},{%22key%22:%22mvsid%22,%22value%22:%2279edd8af-c10e-46ea-9def-d9c67e1e48b6%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.37 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.089

GET
H/1.1 200
OK set Show response
thesame.tv/api/cookie/ Frame C0A0 0
332 B 287ms
154ms Script
text/plain 92.223.103.250
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%222c9b7ca5ee3973863919%22},{%22key%22:%22mvsid%22,%22value%22:%2279edd8af-c10e-46ea-9def-d9c67e1e48b6%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.250 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.084

GET
H/1.1 200
OK set Show response
moevideo.biz/api/cookie/ Frame C0A0 0
332 B 176ms
175ms Script
text/plain 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%222c9b7ca5ee3973863919%22},{%22key%22:%22mvsid%22,%22value%22:%2279edd8af-c10e-46ea-9def-d9c67e1e48b6%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.096

GET
H/1.1 200
OK set Show response
cs-0.moevideo.biz/api/cookie/ Frame C0A0 0
332 B 345ms
173ms Script
text/plain 92.38.138.123
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%222c9b7ca5ee3973863919%22},{%22key%22:%22mvsid%22,%22value%22:%2279edd8af-c10e-46ea-9def-d9c67e1e48b6%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.123 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.093

GET
H/1.1 200
OK set Show response
playreplay.net/api/cookie/ Frame C0A0 0
332 B 340ms
170ms Script
text/plain 92.223.103.250
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%222c9b7ca5ee3973863919%22},{%22key%22:%22mvsid%22,%22value%22:%2279edd8af-c10e-46ea-9def-d9c67e1e48b6%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.250 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.090

GET
H2 200 / Show response
s.richaudience.com/vid/MP_Ua8BIWjxkR/1621917228/ Frame 2675 160 B
340 B 148ms
50ms XHR
text/xml 168.119.138.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/vid/MP_Ua8BIWjxkR/1621917228/?hasConsent=1&consentString=&mref=https%3A%2F%2Fask.fm&fp=130
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.138.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://ask.fm
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 2675 0
82 B 31ms
30ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd12623138f2dc673946445a1231&item=YWRuXzU0MDa7VgRR7a8xUg%3D%3D.3.wp3sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9283.Vjf8WY1kGEPCkrgXpEPXubJ2sTjqIxDm_8kRhZBRMt_woDzXoVm-9T1HjYZKe93H.kLvN78r1bBea5hpisSPOAqcOHic%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9283.AzaAoT3if6zm3emvO6r31Y4yW3JYM7OyxR_iFIO3PWjzjzV1QgZncfFB453XLOqqbYfPXAi2-0M1FKvJ9gG3NvUKyfkdvRSUXfHZN6DgCQo%2C.SHlVLtL2UcRSNqUZDsjKxMCn1zY%2C

43 B
333 B

55ms
55ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9283.AzaAoT3if6zm3emvO6r31Y4yW3JYM7OyxR_iFIO3PWjzjzV1QgZncfFB453XLOqqbYfPXAi2-0M1FKvJ9gG3NvUKyfkdvRSUXfHZN6DgCQo%2C.SHlVLtL2UcRSNqUZDsjKxMCn1zY%2C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9283.AzaAoT3if6zm3emvO6r31Y4yW3JYM7OyxR_iFIO3PWjzjzV1QgZncfFB453XLOqqbYfPXAi2-0M1FKvJ9gG3NvUKyfkdvRSUXfHZN6DgCQo%2C.SHlVLtL2UcRSNqUZDsjKxMCn1zY%2C
date: Tue, 25 May 2021 04:33:49 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 204 /
ads.viralize.tv/track/ Frame 2675 0
39 B 26ms
25ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd12623138f2dc673946445a1231%3A0%3AYWRuXzUyMDABVS7K5Q4_fA%3D%3D~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyMDABVS7K5Q4_fA%3D%3D~wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 652294 Show response
an.yandex.ru/meta/ 141 B
224 B 198ms
197ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/652294?grab=dG1hbmd1bXBodWx5bmNoIChAemlwcGVyZHJhZ29uODEwMykg4oCUIEFzayBtZSBhbnl0aGluZyB8IEFTS2ZtCjFtYW5ndW1waHVseW5jaCAKMkFib3V0IG1hbmd1bXBodWx5bmNoOiAKMm1hbmd1bXBodWx5bmNoIHBob3RvIGdhbGxlcnk6IAoyIEFzayBAemlwcGVyZHJhZ29uODEwMyA6IAoyIEFib3V0IG1hbmd1bXBodWx5bmNoOiAKMiBtYW5ndW1waHVseW5jaCBwaG90byBnYWxsZXJ5OiAK&target-ref=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&pcode-test-ids=363741%2C0%2C9%3B364539%2C0%2C63%3B356980%2C0%2C43%3B330366%2C0%2C73%3B351579%2C0%2C22&pcode-flags=%7B%22USE_WIDGET_FROM_PCODE%22%3Atrue%2C%22COMBO_HEADER%22%3A%22withoutHeader%22%2C%22SINGLE_CONTEXT_BLACKLIST%22%3A%5B%5D%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22USE_SMART_SSR%22%3A%221%22%2C%22SINGLE_CONTEXT%22%3Atrue%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22constructor%22%2C%22modernAdaptive%22%5D%2C%22SSR_UNIFORMAT%22%3A%221%22%2C%22SSR_PERCENT_LOGGING%22%3A0.1%2C%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%5D%2C%22COMBO_PACKSHOT_EXP%22%3A%22exp%22%2C%22LEADERBOARD_VIDEO%22%3A%22exp%22%2C%22VIDEO_EARS_FLAGS%22%3A%22ctl%22%2C%22RMP_POSTER_2%22%3A%22float%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0Aconstructor%0AmodernAdaptive&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=3554589081621917229&imp-id=1&enable-flat-highlight=1&test-tag=202310139510786&ad-session-id=5340601621917229164&target-id=91034138&tga-with-creatives=1&pcode-version=14704&pcodever=14704&flash-ver=0&available-width=432&available-height=243&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A432%2C%22h%22%3A243%2C%22width%22%3A432%2C%22height%22%3A243%2C%22visible%22%3A0%2C%22left%22%3A584%2C%22top%22%3A1356%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&uniformat=true&callback=Ya%5B6337555253911%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

afd9e506b65b25f760831ce0da628c8d02427f274e2f436841a80d760913ccfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 04:33:49 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1621917229414030-876850475884620985900106-production-app-host-sas-pcode-6
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 May 2021 04:33:49 GMT

GET
H/1.1 200
OK 283466 Show response
search.spotxchange.com/vast/2.0/ Frame 2675 67 B
1 KB 156ms
49ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/283466?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm&cb=1621917228&player_width=432&player_height=243&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:49 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000307
X-SpotX-Timing-SpotMarket: 0.008704
X-SpotX-Timing-Page-Mux: 0.000265
X-SpotX-Timing-Page-Require: 0.000425
X-fe: 010
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000036
Content-Length: 77
X-SpotX-Timing-Page: 0.013688
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000453
Last-Modified: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.008704
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
X-SpotX-Timing-Page-Misc: 0.003488
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 2675 0
82 B 28ms
27ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd12623138f2dc673946445a1231&item=YWRuXzQ4MzEGWf9diB_rxQ%3D%3D.4.wp4sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 2675 0
39 B 25ms
25ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd12623138f2dc673946445a1231%3A0%3AYWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame 328E 18 KB
7 KB 340ms
211ms Document
text/html 92.223.106.16
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.106.16 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host: moe.video
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://moevideo.biz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Tue, 25 May 2021 04:33:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 07 May 2021 20:13:21 GMT
ETag: W/"60959f61-4783"
X-My-Name: s1
X-My-Reqtime: 0.094
X-B-Name: f40
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame C0A0 313 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

1 Show response
mc.yandex.com/watch/652294/
Redirect Chain

https://mc.yandex.com/watch/652294?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3...
https://mc.yandex.com/watch/652294/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen...

148 B
522 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/652294/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A2%3Adp%3A1%3Als%3A1200796992745%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063349%3Aet%3A1621917229%3Ac%3A1%3Arn%3A435457874%3Au%3A1621917229326682956%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621917219823%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917230%3At%3Amangumphulynch%20%28%40zipperdragon8103%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

176e4029787198a3a9f1a28252d1caaad487fa0ecc0b81c85647f243eb205c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 25-May-2021 04:33:49 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 148
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:49 GMT
last-modified: Tue, 25-May-2021 04:33:49 GMT
location: /watch/652294/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A2%3Adp%3A1%3Als%3A1200796992745%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063349%3Aet%3A1621917229%3Ac%3A1%3Arn%3A435457874%3Au%3A1621917229326682956%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621917219823%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917230%3At%3Amangumphulynch%20%28%40zipperdragon8103%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:49 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 2675 1 KB
2 KB 38ms
38ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11644081&domain=ask.fm&loc=ask.fm&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f700108987c0de070499495c0331d07411ba2c78320c66476b666e93734922bc

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1304
x-sticky-va: 1
x-sticky-vk: 1621917229431060-359
Expires: Tue, 25 May 2021 04:33:49 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 2675 0
82 B 26ms
26ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd12623138f2dc673946445a1231&item=YWRuXzUwODiQS2KJhCtM5Q%3D%3D.5.wp5sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 /
ads.viralize.tv/t-bid-done/ Frame 2675 0
82 B 28ms
28ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzUwODiQS2KJhCtM5Q%3D%3D&sc=wp5sc1&l=vpaid&as=stickyADStv&ct=application%2Fjavascript&sid=01ebbd12623138f2dc673946445a1231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 6A6A 328 KB
111 KB 34ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.fabab513.js?e=ops
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1621917229.dop165.fr8.t,1621917229.cds240.fr8.shn,1621917229.cds240.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET
H2 204 /
ads.viralize.tv/track/ Frame 2675 0
39 B 26ms
26ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd12623138f2dc673946445a1231%3A0%3AYWRuXzQ4MzEGWf9diB_rxQ%3D%3D~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ4MzEGWf9diB_rxQ%3D%3D~wp4sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ebbd12623138f2dc673946445a1231%3A0%3AYWRuXzUwODiQS2KJhCtM5Q%3D%3D~wp5sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

POST
H2 200 1 Show response
mc.yandex.com/watch/652294/ 43 B
73 B 56ms
56ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/652294/1?page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A2%3Adp%3A1%3Als%3A1200796992745%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063349%3Aet%3A1621917230%3Ac%3A1%3Arn%3A933238538%3Au%3A1621917229326682956%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621917219823%3Ads%3A1%2C304%2C195%2C1%2C0%2C0%2C%2C83%2C91%2C1053%2C1053%2C2%2C587%3Adsn%3A1%2C304%2C195%2C1%2C0%2C0%2C%2C85%2C90%2C1053%2C1053%2C2%2C587%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917230

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:49 GMT
last-modified: Tue, 25-May-2021 04:33:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:49 GMT

GET
H2 200 sync_cookie_image_check
mc.yandex.com/ 43 B
67 B 64ms
64ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_check

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 6A6A 25 KB
25 KB 30ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1621917229738
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:49 GMT
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1621917229.dop165.fr8.t,1621917229.cds005.fr8.shn,1621917229.cds005.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

wGbQAlJJ
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=feb37fea3efb27c35e45db961af7d253&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2757_6966081455374830795
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZmViMzdmZWEzZWZiMjdjMzVlNDVkYjk2MWFmN2QyNTM=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPmca3iTzyTBB4Va2F3T1Ak&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=b4bb0006-302e-4560-878d-81e532d74be8
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8729579150955094641
https://pr-bh.ybp.yahoo.com/sync/stickyads/feb37fea3efb27c35e45db961af7d253&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-NJSyWC5E2oPBa8hdIyXI8wzl3LdPr77rVHsfAlcD~A
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=5dbd60ac-7e2e-4500-8042-fd7a26c618b2&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=kSeNkTxF1LLoLh5&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAD4XU7BWPwAACx7lWJFxA&gdpr=0
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&_tes...

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 6A6A 301 B
847 B 67ms
39ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=11644081&loc=https%3A%2F%2Fask.fm%2Fzipperdragon8103
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1621917229619053-413
Expires: Tue, 25 May 2021 04:33:49 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 6A6A 67 B
711 B 194ms
136ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11644081&loc=https%3A%2F%2Fask.fm%2Fzipperdragon8103&domain=ask.fm&reqType=AdsSetup&_fw_gdpr=1&protocolVersion=2.0&_fw_gdpr_consent=&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&auction=1&vav=ba86e3a10203892ea6825d0b6843067a&vaviv=3c7756751e8257af13c5cd2403db029c&mustangVersion=1.11.8.1&focus=true&percentViewable=100&componentId=vpaid-adapter&playerSize=0x0&sizeDebug=%7Bw%3D0%2Ch%3D0%2CenvPS%3D%7Bwidth%3D0%2Cheight%3D0%7D%2CcontS%3D%7Bwidth%3D0%2Cheight%3D0%7D%7D&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1621917229799012-365
Expires: Tue, 25 May 2021 04:33:49 GMT

GET
H2 200 652294 Show response
mc.yandex.com/watch/ 43 B
73 B 49ms
49ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/652294?page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A523%3Acn%3A2%3Adp%3A1%3Als%3A1200796992745%3Ahid%3A896397683%3Az%3A120%3Ai%3A20210525063349%3Aet%3A1621917230%3Ac%3A1%3Arn%3A113253326%3Au%3A1621917229326682956%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621917219823%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621917230%3At%3Amangumphulynch%20(%40zipperdragon8103)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:49 GMT
last-modified: Tue, 25-May-2021 04:33:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:49 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmViMzdmZWEzZWZiMjdjMzVlNDVkYjk2MWFmN2QyNTM=&gdpr=0&gdpr_consent=

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmViMzdmZWEzZWZiMjdjMzVlNDVkYjk2MWFmN2QyNTM=&gdpr=0&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmViMzdmZWEzZWZiMjdjMzVlNDVkYjk2MWFmN2QyNTM=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1621917229565074-350
Expires: Tue, 25 May 2021 04:33:49 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=feb37fea3efb27c35e45db961af7d253&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

100ms
100ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=feb37fea3efb27c35e45db961af7d253&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:49 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:49 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=feb37fea3efb27c35e45db961af7d253&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1621917229654046-370
Expires: Tue, 25 May 2021 04:33:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C0A0 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 417
date: Tue, 25 May 2021 04:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 25 May 2021 06:26:52 GMT

GET
H/1.1 200
OK ads-async.js Show response
ad.mail.ru/static/ Frame C0A0 197 B
489 B 146ms
43ms Script
application/javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/ads-async.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 66d1c7aa064387309678f78ae89291315e156ae7a6247f84b8813cd2a23d9318

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:50 GMT
Server: nginx
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 197
Expires: Tue, 25 May 2021 04:43:50 GMT

GET
H2 200 AdRiverFPS_MV.js Show response
content.adriver.ru/banners/0007207/0007207973/0/ Frame C0A0 10 KB
10 KB 218ms
71ms Script
application/x-javascript 77.109.110.134
EDPNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=2c9b7ca5ee3973863919
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.109.110.134 Brussels, Belgium, ASN9031 (EDPNET, BE),
Reverse DNS
Software: nginx /
Resource Hash: c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
last-modified: Fri, 09 Apr 2021 14:49:31 GMT
server: nginx
etag: "6070697b-26a8"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 9896
expires: Tue, 25 May 2021 05:33:50 GMT

GET
H/1.1 200
OK 389706 Show response
ad.mail.ru/vast/ Frame C0A0 0
361 B 107ms
42ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/389706?pr=6415664&sc=2453591051&dl=https%3A%2F%2Fmoevideo.biz%2Fembed%2Fvpaid%3Ftoken%3DMKG0bEY%252BZwN8zH63ODP2UGPHn7Es9siGaze%252BmiO0DpVMchkywVii1mIri62dTGgw%26ref%3Dviads-ask.fm%26title%3D%26duration%3D0%26test%3D0%26proxyVars%255Breferer%255D%3Dhttps%253A%252F%252Fask.fm%252Fzipperdragon8103%26impressionAfterPaid%3D1%26muteVisibleCheck%3D1%26vl%3D1%26es%3D1%26mvver%3D1661
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:50 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1

200
OK

ac Show response
www8.smartadserver.com/ Frame 2675
Redirect Chain

https://www8.smartadserver.com/ac?siteid=115779&pgid=1238065&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917228&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schai...
https://www8.smartadserver.com/ac?siteid=115779&pgid=1238065&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917228&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schai...

129 B
504 B

87ms
87ms

XHR
text/xml

185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=115779&pgid=1238065&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917228&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ask.fm
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
transfer-encoding: chunked

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:50 GMT
location: https://www8.smartadserver.com/ac?siteid=115779&pgid=1238065&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917228&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ask.fm
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 2675 0
82 B 31ms
30ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd12623138f2dc673946445a1231&item=YWRuXzUyMzhkfsiTZK5rHQ%3D%3D.6.wp6sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame C0A0 60 B
413 B 51ms
51ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=7337633&sc=2453591051&dl=https%3A%2F%2Fask.fm%2Fzipperdragon8103
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:50 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 04C5EF.js Show response
r.mradx.net/img/BD/ Frame C0A0 119 KB
39 KB 174ms
87ms Script
application/javascript 2a00:1148:db00::28
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mradx.net/img/BD/04C5EF.js
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1148:db00::28 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ea28e1aaa70b7a1ef1e0e6d4f64e1104742ced233b3ee7b2d131f033cca66bca

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 09:46:15 GMT
Server: nginx
ETag: W/"60892ee7-1dc47"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK shim.gif
creatives.sascdn.com/ Frame 2675 43 B
378 B 23ms
6ms Image
image/gif 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.sascdn.com/shim.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:50 GMT
Last-Modified: Fri, 17 Aug 2018 12:23:00 GMT
Server: Apache
ETag: "221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 25 May 2022 04:33:50 GMT

GET
H2 200 / Show response
ads.viralize.tv/d-vast/ Frame 2675 71 B
143 B 33ms
30ms XHR
text/xml 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/d-vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1917221882&sid=01ebbd12623138f2dc673946445a1231&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%220179a1ccdf8dc1430483c7f9607c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1356%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%2C%22pub_platform%22%3A%22%22%7D&dd=ask.fm&sc=1&gdpr=1&cmp=unavailable&wfp=7&rcx=460.17321230.1.12
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: 3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ask.fm
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame 2675 3 KB
2 KB 96ms
37ms XHR
application/xml 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?member=9986&id=20877756&vplaybackmethod=2&referrer=ask.fm&gdpr=1&gdpr_consent=&cb=1621917228

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e8619b8ec38dde5568e62e07198c1c17af00a7b7592169554e2d9260a16bb233

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:50 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.105:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ca4aeafc-c345-4ac0-9687-adab8cc183c8
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 2675 0
82 B 33ms
32ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd12623138f2dc673946445a1231&item=YWRuXzU5MDfC-Z8OqzxY4Q%3D%3D.8.wp8sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 2675 0
39 B 25ms
25ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd12623138f2dc673946445a1231%3A0%3AYWRuXzUyMzhkfsiTZK5rHQ%3D%3D~wp6sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyMzhkfsiTZK5rHQ%3D%3D~wp6sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 / Show response
ads.viralize.tv/vast/ Frame 2675 71 B
308 B 39ms
39ms XHR
text/xml 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/vast/?zid=AADYxvtdPOT9teZk&u=appnexus.com&lid=AAV8wvo2iptXlPvO
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: 3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google
expires: 0

GET
H/1.1

200
OK

json.cgi Show response
ad.adriver.ru/cgi-bin/ Frame C0A0
Redirect Chain

https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=0;303=unavail;304=0;305=2c9b7ca5ee3973863919;306=;307=;308=0;309=0
https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=0;303=unavail;304=0;305=2c9b7ca5ee3973863919;306=;307=;308=0;309=0&tuid=-63620...

384 B
1022 B

62ms
61ms

Fetch
application/json

195.209.108.35
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=0;303=unavail;304=0;305=2c9b7ca5ee3973863919;306=;307=;308=0;309=0&tuid=-6362066255
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.35 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ee12cd05fb9abaaf57367f383e0d6a4f8cab62a0061d01a955467d4390a22d95

Request headers

Referer: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:50 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://moevideo.biz
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:50 GMT
Location: /cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=0;303=unavail;304=0;305=2c9b7ca5ee3973863919;306=;307=;308=0;309=0&tuid=-6362066255
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Access-Control-Allow-Origin: https://moevideo.biz
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 2675
Redirect Chain

https://viralize-d.openx.net/v/1.0/av?auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 2675 0
82 B 32ms
32ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd12623138f2dc673946445a1231&item=YWRuXzU5Mzir0xv2CLSyvg%3D%3D.9.wp9sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ Frame C0A0 83 B
450 B 45ms
45ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1621917230357&q=199847&_=123750654
Requested by: Host: r.mradx.net
URL: https://r.mradx.net/img/BD/04C5EF.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 789d737942cb6ea5d8c9984d69a8f6b4d47125a088fbfe9d4f908a7ab3185bb5

Request headers

Referer: https://moevideo.biz/embed/vpaid?token=MKG0bEY%2BZwN8zH63ODP2UGPHn7Es9siGaze%2BmiO0DpVMchkywVii1mIri62dTGgw&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:50 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 204 /
ads.viralize.tv/track/ Frame 2675 0
39 B 25ms
25ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd12623138f2dc673946445a1231%3A0%3AYWRuXzU5MDfC-Z8OqzxY4Q%3D%3D~wp8sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5MDfC-Z8OqzxY4Q%3D%3D~wp8sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2

200

av Show response
viralize-d.openx.net/v/1.0/ Frame 2675
Redirect Chain

https://viralize-d.openx.net/v/1.0/av?auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,

48 B
332 B

28ms
28ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://viralize-d.openx.net/v/1.0/av?cc=1&auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ask.fm
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 25 May 2021 04:33:50 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://viralize-d.openx.net/v/1.0/av?cc=1&auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ask.fm
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

av Show response
viralize-d.openx.net/v/1.0/ Frame 2675
Redirect Chain

https://viralize-d.openx.net/v/1.0/av?auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
https://viralize-d.openx.net/v/1.0/av?cc=1&auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,

48 B
248 B

32ms
31ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://viralize-d.openx.net/v/1.0/av?cc=1&auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ask.fm
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 25 May 2021 04:33:50 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://viralize-d.openx.net/v/1.0/av?cc=1&auid=543860669&url=ask.fm&cb=1621917228&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ask.fm
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 2675 65 B
642 B 92ms
91ms XHR
text/xml 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=822825&t=2&url=https%3A%2F%2Fask.fm&gdpr=1&gdpr_consent=&w=432&h=243&t=1&random=1621917228

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 2675 0
82 B 28ms
27ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd12623138f2dc673946445a1231&item=YWRuXzUyMjCCYf75S7R7qQ%3D%3D.10.wp10sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 2675 0
39 B 26ms
26ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd12623138f2dc673946445a1231%3A0%3AYWRuXzU5Mzir0xv2CLSyvg%3D%3D~wp9sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5Mzir0xv2CLSyvg%3D%3D~wp9sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 2675 965 B
849 B 103ms
34ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cc6732e52b7dbea073b479441cba0b6778251ac742ee21db7dad66cbb9b32071

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5b1869b8fc7b9"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://ask.fm
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 596
expires: Tue, 25 May 2021 04:33:50 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 2675 0
82 B 27ms
27ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd12623138f2dc673946445a1231&item=YWRuXzUyNzebfS6-gSdVtw%3D%3D.11.wp11sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 2675 0
39 B 25ms
25ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd12623138f2dc673946445a1231%3A0%3AYWRuXzUyMjCCYf75S7R7qQ%3D%3D~wp10sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyMjCCYf75S7R7qQ%3D%3D~wp10sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 /
ads.viralize.tv/t-bid-done/ Frame 2675 0
82 B 29ms
28ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzUyNzebfS6-gSdVtw%3D%3D&sc=wp11sc1&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ebbd12623138f2dc673946445a1231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 0077 150 KB
35 KB 42ms
42ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.fabab513.js?e=ops
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 07:24:19 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-257f0-5b82218515d54"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 35684

GET
H2 204 /
ads.viralize.tv/track/ Frame 2675 0
39 B 25ms
25ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ebbd12623138f2dc673946445a1231%3A0%3AYWRuXzUyNzebfS6-gSdVtw%3D%3D~wp11sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame AFDE 38 KB
14 KB 37ms
35ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=58499
expires: Tue, 25 May 2021 20:48:49 GMT
date: Tue, 25 May 2021 04:33:50 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0077 38 KB
14 KB 41ms
39ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 05:24:02 GMT
server: Apache/2.2.15 (CentOS)
etag: "13006b6-96ca-5c2071a26cca4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=58499
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13964
expires: Tue, 25 May 2021 20:48:49 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AFDE 2 KB
3 KB 108ms
34ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12277729&p=156962&s=718977&a=2944653&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a4896518cc71d378856d717ee0349957b4bb387a5556b33c090f9dd7849dfa23

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 52ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=5&wv-hit=896397683&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&rn=967552594&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621917231%3Aw%3A1600x1200%3Av%3A523%3Az%3A120%3Ai%3A20210525063350%3Au%3A1621917221598797747%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621917231

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:50 GMT
last-modified: Tue, 25-May-2021 04:33:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:50 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame A6B4
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=D04B26AA-CECE-446F-9742-FB18C01113AA
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D04B26AA-CECE-446F-9742-FB18C01113AA

35 B
468 B

42ms
42ms

Document
image/gif

37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D04B26AA-CECE-446F-9742-FB18C01113AA

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=D04B26AA-CECE-446F-9742-FB18C01113AA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 25 May 2021 04:33:51 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=9061784447386823907; expires=Sat, 24 Jul 2021 04:33:51 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 25 May 2021 04:33:51 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D04B26AA-CECE-446F-9742-FB18C01113AA
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Fri, 25 Jun 2021 04:33:51 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame C746 35 B
134 B 155ms
51ms Document
image/gif 213.155.156.183
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.183 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 2DC1 43 B
304 B 64ms
21ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 25 May 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1385
date: Tue, 25 May 2021 04:33:50 GMT
content-length: 43

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AFDE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0Esmqs7ORG-XQvsYwBETqg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

35ms
34ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 18:57:29 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-1f78-5b232eb4914bb"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=30288
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 2654
expires: Tue, 25 May 2021 12:58:39 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame AFDE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dbd60ac-7e2e-4500-8042-fd7a26c618b2

0
260 B

113ms
35ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dbd60ac-7e2e-4500-8042-fd7a26c618b2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 25 May 2021 04:33:49 GMT
Server: MT3 3736 915c305 master cdg-pixel-x2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=5dbd60ac-7e2e-4500-8042-fd7a26c618b2
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 25 May 2021 04:33:48 GMT

GET

generic
match.adsrvr.org/track/cmf/ Frame AFDE
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=D04B26AA-CECE-446F-9742-FB18C01113AA
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AFDE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDA0QjI2QUEtQ0VDRS00NDZGLTk3NDItRkIxOEMwMTExM0FB&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

78ms
26ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:376
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AFDE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN9TJy4kEwV6UnFdTzj6iDY&google_cver=1

42 B
290 B

78ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN9TJy4kEwV6UnFdTzj6iDY&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:357
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN9TJy4kEwV6UnFdTzj6iDY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame AFDE 43 B
611 B 103ms
29ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 24 May 2021 04:33:51 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AFDE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5dbd60ac-7e2e-4500-8042-fd7a26c618b2&gdpr=0&gdpr_consent=

42 B
649 B

78ms
36ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5dbd60ac-7e2e-4500-8042-fd7a26c618b2&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:378
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 25 May 2021 04:33:49 GMT
Server: MT3 3736 915c305 master cdg-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:5dbd60ac-7e2e-4500-8042-fd7a26c618b2&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 25 May 2021 04:33:48 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AFDE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2233530701112908820

42 B
233 B

38ms
37ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2233530701112908820
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
cache-control: no-store, no-cache, private
x-lat: amspug014:0:2204
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2233530701112908820
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame AFDE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b4bb0006-302e-4560-878d-81e532d74be8

42 B
293 B

109ms
36ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b4bb0006-302e-4560-878d-81e532d74be8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:360
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b4bb0006-302e-4560-878d-81e532d74be8
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AFDE
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8729579150955094641&gdpr=0&gdpr_consent=

42 B
520 B

86ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8729579150955094641&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:403
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:50 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.43:80
AN-X-Request-Uuid: 4317e801-74d4-43d1-a803-4928a1ffebe7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8729579150955094641&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 D04B26AA-CECE-446F-9742-FB18C01113AA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame AFDE 43 B
99 B 35ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/D04B26AA-CECE-446F-9742-FB18C01113AA?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 0077 27 B
304 B 89ms
28ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228&us_privacy=&cb=1621917230808&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fzipperdragon8103&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fzipperdragon8103&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-5-25%206:33:51&ranreq=0.4239633398373106&timezone=2&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://ask.fm
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg
content-type: application/xml; charset=utf-8

GET track
aktrack.pubmatic.com/ Frame 0077 0
0

GET
H2 200 track
aktrack.pubmatic.com/ Frame 2675 0
61 B 34ms
32ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156962&s=718977&a=2944653&ts=1621917230&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-length: 0
content-type: text/html

GET
H2 200 tags.php Show response
pl.viadata.store/assets/ Frame 4EE4 4 KB
1 KB 76ms
75ms XHR
application/json 23.111.211.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl.viadata.store/assets/tags.php?secured=1&language=en&page_url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&pub_sid=102415&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=ask.fm&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=221696&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=2&cb=1621917231420
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 572dfb219554a3384efd149ee0bddee095b13c626cbd3a5a0e69fb26ad47589b

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: br
access-control-allow-credentials: true
server: nginx/1.19.5
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 cs Show response
rtb-msk-2.viadata.store/vast/ Frame 4EE4 71 B
498 B 74ms
74ms XHR
application/xml 23.111.115.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb-msk-2.viadata.store/vast/cs?zone=102415&w=432&h=243&site=https%3A%2F%2Fask.fm%2Fzipperdragon8103&vp=2&cbb=1917231498

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
age: 0
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type, Accept

GET
H/1.1 200
OK v0 Show response
vtg1.rktch.com/ Frame 4EE4 21 B
417 B 72ms
71ms XHR
text/xml 176.99.5.169
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&siteid=102415&cbb=1917231499
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:51 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Access-Control-Max-Age: 0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, x-ad4-*

GET
H/1.1 200
OK rle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 4EE4 5 KB
6 KB 63ms
63ms XHR
text/xml 195.209.108.35
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222536&bn=1&bt=61&pz=0&w=400&h=220&vp=5&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=1917231499&tail256=https%3A%2F%2Fask.fm%2F
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.35 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 70562ee13c94a8356893a0e54d83ecbb68935332acd723072761311ccba6ddc1

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:51 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://ask.fm
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
ads.viralize.tv/vast/ Frame 4EE4 2 KB
1 KB 30ms
29ms XHR
text/xml 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=ask.fm&cbb=1917231500
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: 94a8b91d51ecd1e04ca1bbf6c3f863e91c1591fa4cb0290697ae7edc90be73a7

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google
expires: 0

GET
H/1.1 200
OK vast Show response
moevideo.biz/ Frame 4EE4 2 KB
1 KB 164ms
163ms XHR
application/xml 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/vast?ref=viads-ask.fm&impressionAfterPaid=1&es=1&vl=1&mvis=1&referrer=https%3A%2F%2Fask.fm%2Fzipperdragon8103&cbb=1917231500
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx / PHP/5.5.38
Resource Hash: 6e68f094f54a0e651834062d12692237e4b512ded6888e8c635378ffd0f2af67

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:51 GMT
Content-Encoding: gzip
X-Mv-Embed-Version: 1352
X-Powered-By: PHP/5.5.38
Transfer-Encoding: chunked
Connection: keep-alive
X-My-Reqtime: 0.083
Pragma: no-cache
Last-Modified: Tue, 25 May 2021 04:33:51 GMT
Server: nginx
X-My-Name: s39
Access-Control-Allow-Methods: GET, POST
Content-Type: application/xml
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
X-Mv-TryCache: 0
X-My-App-Time: 0.001
Access-Control-Allow-Headers: Content-Type, Accept
Expires: Thu, 19 Feb 1998 13:24:18 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 68ms
67ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917231497&tid=2110

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:51 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 68ms
67ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917231498&tid=2106

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:51 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 68ms
67ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917231498&tid=2552

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:51 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 68ms
67ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917231499&tid=2108

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:51 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 69ms
68ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917231499&tid=4760

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:51 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 69ms
68ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917231499&tid=2111

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:51 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 72ms
67ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917231500&tid=2555

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:51 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 dsp
logs.viadata.store/event/ Frame 4EE4 43 B
296 B 72ms
67ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102415&event=rtb&event2=request&cb=1621917231500&tid=2109

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 04:33:51 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 viralize_vpaid.min.d7315bd0.js Show response
static.viralize.tv/ Frame 2C1D 60 KB
18 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 86034ce77b3a6b40a35a983344766af5d5f5321ef04e81ec86cb2332d8676d66

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uy7F1JY42k-Qvyhz7kH65YKVuvOdCgIiFCE_XVgdP_JYTLqWDvq1yzoBz0q2ZeeNQrZAc0C3ObtRHSVia_3LPQ-6aTqXA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 18173
last-modified: Mon, 17 May 2021 13:15:57 GMT
server: UploadServer
etag: "d7315bd0cad47e1de22db2bcee62a5da"
vary: Accept-Encoding
x-goog-hash: crc32c=LNcUbg==, md5=1zFb0MrUfh3iLbK87mKl2g==
x-goog-generation: 1621257357658649
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 61774
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 24 Jun 2021 04:33:51 GMT

GET
H/1.1 200
OK vpaid.min.js Show response
moevideo.biz/embed/player/1661/vpaid/ Frame 380E 7 KB
3 KB 80ms
80ms Script
application/x-javascript 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3cedeedecd228caa058b365fd4dd4a40f1995c71bc979fe79827bb752bbe2b8

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 12:17:35 GMT
Server: nginx
X-My-Name: s3
ETag: W/"60758bdf-1c64"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive
X-My-Reqtime: 0.000

GET
H2 200 context.js Show response
an.yandex.ru/system/ 136 KB
38 KB 57ms
56ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8f5c88296da53f7bd8df3c82dd50dfa9e765bd4844546f09fc64184eadf58e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 3366536166
x-yandex-req-id: 1621917231727932-1514265929157412565900105-production-app-host-sas-pcode-112
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 25 May 2021 05:33:51 GMT

GET
H2 200 / Show response
ads.viralize.tv/player/ Frame 2C1D 7 KB
3 KB 38ms
37ms XHR
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1917231500&sid=01ebbd1267e5a9caf3a9b96444c02011&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%220179a1ccdf8dc1430483c7f9607c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1383%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%2C%22pub_platform%22%3A%22%22%7D&dd=ask.fm&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: cfeec7a86c46e8e3f75bcdfce7a619228cbb322011e54da8171f8130dae4bacf

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.17.0/ Frame 8A3E 25 KB
9 KB 15ms
14ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2017 16:58:06 GMT
server: Fastly
age: 1844
etag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 9634

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.1/ Frame 8A3E 95 KB
33 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.1/jquery.min.js

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 21:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285237
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34056
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 21:19:54 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame 8A3E 72 B
145 B 23ms
22ms Script
text/javascript 2a04:4e42:200::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 7692186
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Wed, 24 Feb 2021 10:10:21 GMT
date: Tue, 25 May 2021 04:33:51 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8A3E 334 KB
115 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117244
x-xss-protection: 0
expires: Tue, 25 May 2021 04:33:51 GMT

GET
H2 200 viralize_player.min.fabab513.js Show response
static.viralize.tv/ Frame 8A3E 620 KB
180 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.viralize.tv/viralize_player.min.fabab513.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_vpaid.min.d7315bd0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 817384cf858af3b24293ea9cdce876477a4ec2e6bd1bd37ff7d0a4012f97f8f8

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UzbGn4mMVR1J74FYyFqMdOrbKV_32HIspt3F_V-37EJlf6wbfjll6QHCERDX2yR7-4AcwtQ9c0Hjm5e6Sl3z6A
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 182957
last-modified: Fri, 21 May 2021 11:25:00 GMT
server: UploadServer
etag: "fabab513c32ae27db080ed8283cdc6d5"
vary: Accept-Encoding
x-goog-hash: crc32c=D/dkTg==, md5=+rq1E8Mq4n2wgO2Cg83G1Q==
x-goog-generation: 1621596300129205
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-goog-stored-content-length: 634663
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 24 Jun 2021 04:33:51 GMT

GET
H2 200 polyfill.min.js
polyfill.io/v3/ Frame 8A3E 72 B
116 B 13ms
13ms Other
text/javascript 2a04:4e42:200::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated

Requested by

Host: ask.fm
URL: https://ask.fm/zipperdragon8103

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 7692186
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Wed, 24 Feb 2021 10:10:21 GMT
date: Tue, 25 May 2021 04:33:51 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK vpaid Show response
moevideo.biz/embed/ Frame BD8F 19 KB
9 KB 228ms
228ms Document
text/html 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/vpaid/vpaid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx / PHP/5.5.38
Resource Hash: fec349d7669261f3f91bd63f18ac03eee8e20931777f34a845a4dd321d343f8e

Request headers

Host: moevideo.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: mvuid=2c9b7ca5ee3973863919; mvsid=79edd8af-c10e-46ea-9def-d9c67e1e48b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Server: nginx
Date: Tue, 25 May 2021 04:33:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.38
X-My-Adv-Time: 0.00100708007812
Expires: Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified: Tue, 25 May 2021 04:33:51 GMT
Cache-Control: max-age=0
Pragma: no-cache
X-Mv-TryCache: 0
X-My-App-Time: 0.007
X-Mv-Embed-Version: 1352
X-My-Name: s33
X-My-Reqtime: 0.101
Content-Encoding: gzip

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 8A3E 65 B
642 B 105ms
105ms XHR
text/xml 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1052170&t=2&url=https%3A%2F%2Fask.fm&gdpr=1&gdpr_consent=&w=432&h=243&t=1&random=1621917231

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 8A3E 0
73 B 27ms
27ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd1267e5a9caf3a9b96444c02011&item=YWRuXzY4NjQCqIY-zq6lUg%3D%3D.1.wp1sc1
Requested by: Host: ask.fm
URL: https://ask.fm/zipperdragon8103
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 advast Show response
ice.360yield.com/ Frame 8A3E 27 B
235 B 94ms
93ms XHR
application/xml 52.58.124.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22297298&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fask.fm&gdpr=&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.124.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 25 May 2021 04:33:52 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 8A3E 0
82 B 27ms
26ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd1267e5a9caf3a9b96444c02011&item=YWRuXzUyMDABVS7K5Q4_fA%3D%3D.2.wp2sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 8A3E 0
39 B 26ms
26ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd1267e5a9caf3a9b96444c02011%3A0%3AYWRuXzY4NjQCqIY-zq6lUg%3D%3D~wp1sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzY4NjQCqIY-zq6lUg%3D%3D~wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H/1.1 200
OK styles.css
moevideo.biz/embed/player/1661/skins/gray/ Frame BD8F 54 KB
16 KB 81ms
81ms Stylesheet
text/css 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1661/skins/gray/styles.css
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Referer: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 12:16:35 GMT
Server: nginx
X-My-Name: s2
ETag: W/"60758ba3-d99f"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
X-My-Reqtime: 0.000

GET
H/1.1 200
OK mvplayer.min.js Show response
moevideo.biz/embed/player/1661/ Frame BD8F 574 KB
165 KB 137ms
136ms Script
application/x-javascript 92.38.138.105
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.105 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5ac8bf8a7a52ce541b0804f46220ad95e33b718a2e5c3d028bdf1434848d6731

Request headers

Referer: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 12:17:46 GMT
Server: nginx
X-My-Name: s1
ETag: W/"60758bea-8f7eb"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive
X-My-Reqtime: 0.000

GET
H2 200 / Show response
s.richaudience.com/vid/MP_Ua8BIWjxkR/1621917231/ Frame 8A3E 160 B
340 B 49ms
48ms XHR
text/xml 168.119.138.39
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/vid/MP_Ua8BIWjxkR/1621917231/?hasConsent=1&consentString=&mref=https%3A%2F%2Fask.fm&fp=130
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.138.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://ask.fm
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 8A3E 0
82 B 26ms
26ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd1267e5a9caf3a9b96444c02011&item=YWRuXzU0MDa7VgRR7a8xUg%3D%3D.3.wp3sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 8A3E 0
39 B 26ms
25ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd1267e5a9caf3a9b96444c02011%3A0%3AYWRuXzUyMDABVS7K5Q4_fA%3D%3D~wp2sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUyMDABVS7K5Q4_fA%3D%3D~wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H/1.1 200
OK 280210 Show response
search.spotxchange.com/vast/2.0/ Frame 8A3E 67 B
1 KB 53ms
52ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/280210?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm&cb=1621917231&player_width=432&player_height=243&gdpr=1&gdpr_consent=&custom[format]=instream&schain=1.0,1!viralize.com,4704,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:52 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000320
X-SpotX-Timing-SpotMarket: 0.010371
X-SpotX-Timing-Page-Mux: 0.000239
X-SpotX-Timing-Page-Require: 0.000438
X-fe: 134
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
Content-Length: 77
X-SpotX-Timing-Page: 0.015908
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000338
Last-Modified: Tue, 25 May 2021 04:33:52 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.010371
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
X-SpotX-Timing-Page-Misc: 0.004169
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 8A3E 0
82 B 27ms
26ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd1267e5a9caf3a9b96444c02011&item=YWRuXzQ2MTnoFV5GeobRcA%3D%3D.4.wp4sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 8A3E 0
39 B 26ms
26ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd1267e5a9caf3a9b96444c02011%3A0%3AYWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp3sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU0MDa7VgRR7a8xUg%3D%3D~wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 8A3E 1 KB
2 KB 44ms
43ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=11644081&domain=ask.fm&loc=ask.fm&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 40c44fd957e03a23dff99f0d4f69556d50ea9469fe7fc4cac16fe2f0ec3a5971

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:52 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1304
x-sticky-va: 1
x-sticky-vk: 1621917232082024-424
Expires: Tue, 25 May 2021 04:33:52 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 8A3E 0
82 B 26ms
25ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd1267e5a9caf3a9b96444c02011&item=YWRuXzUwODiQS2KJhCtM5Q%3D%3D.5.wp5sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 /
ads.viralize.tv/t-bid-done/ Frame 8A3E 0
82 B 30ms
30ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzUwODiQS2KJhCtM5Q%3D%3D&sc=wp5sc1&l=vpaid&as=stickyADStv&ct=application%2Fjavascript&sid=01ebbd1267e5a9caf3a9b96444c02011
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 6EB5 328 KB
111 KB 6ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.fabab513.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 03:29:54 GMT
ETag: "1616556594"
X-HW: 1621917229.dop165.fr8.t,1621917232.cds240.fr8.shn,1621917232.cds240.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113077

GET
H2 204 /
ads.viralize.tv/track/ Frame 8A3E 0
39 B 25ms
25ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd1267e5a9caf3a9b96444c02011%3A0%3AYWRuXzQ2MTnoFV5GeobRcA%3D%3D~wp4sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ2MTnoFV5GeobRcA%3D%3D~wp4sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ebbd1267e5a9caf3a9b96444c02011%3A0%3AYWRuXzUwODiQS2KJhCtM5Q%3D%3D~wp5sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2

403

/
c1.adform.net/serving/cookie/match/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null

0
330 B

43ms
42ms

Image
text/plain

37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://c1.adform.net/serving/cookie/match/?party=18&gdpr=1&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1621917232066048-394
Expires: Tue, 25 May 2021 04:33:52 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 6EB5 301 B
847 B 43ms
43ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=11644081&loc=https%3A%2F%2Fask.fm%2Fzipperdragon8103
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:52 GMT
Server: nginx
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1621917232109038-399
Expires: Tue, 25 May 2021 04:33:52 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 6EB5 67 B
711 B 132ms
132ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11644081&loc=https%3A%2F%2Fask.fm%2Fzipperdragon8103&domain=ask.fm&reqType=AdsSetup&_fw_gdpr=1&protocolVersion=2.0&_fw_gdpr_consent=&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&auction=1&vav=33ae02a4f94587e28940b7ef4574e5a5&vaviv=8ce07503699faf4263a96b3d4cf02ba2&mustangVersion=1.11.8.1&focus=true&percentViewable=100&componentId=vpaid-adapter&playerSize=0x0&sizeDebug=%7Bw%3D0%2Ch%3D0%2CenvPS%3D%7Bwidth%3D0%2Cheight%3D0%7D%2CcontS%3D%7Bwidth%3D0%2Cheight%3D0%7D%7D&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:52 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1621917231941080-352
Expires: Tue, 25 May 2021 04:33:52 GMT

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame 4151 18 KB
7 KB 215ms
215ms Document
text/html 92.223.106.16
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1661/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.106.16 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Host: moe.video
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://moevideo.biz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Tue, 25 May 2021 04:33:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 07 May 2021 20:13:21 GMT
ETag: W/"60959f61-4783"
X-My-Name: s1
X-My-Reqtime: 0.100
X-B-Name: f40
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame BD8F 313 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET user-matching
ads.stickyadstv.com/ Frame 6EB5 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=feb37fea3efb27c35e45db961af7d253&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
344 B

99ms
99ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/ecm3?id=feb37fea3efb27c35e45db961af7d253&ex=freewheel.tv&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:52 GMT
Server: Server
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=feb37fea3efb27c35e45db961af7d253&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1621917232019081-356
Expires: Tue, 25 May 2021 04:33:52 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmViMzdmZWEzZWZiMjdjMzVlNDVkYjk2MWFmN2QyNTM=&gdpr=0&gdpr_consent=

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmViMzdmZWEzZWZiMjdjMzVlNDVkYjk2MWFmN2QyNTM=&gdpr=0&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:52 GMT
Server: nginx
Cache-Control: max-age=0, no-cache, no-store
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmViMzdmZWEzZWZiMjdjMzVlNDVkYjk2MWFmN2QyNTM=&gdpr=0&gdpr_consent=
Access-Control-Allow-Origin: *
Cneonction: close
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1621917232303012-350
Expires: Tue, 25 May 2021 04:33:52 GMT

GET
H/1.1

200
OK

ac Show response
www8.smartadserver.com/ Frame 8A3E
Redirect Chain

https://www8.smartadserver.com/ac?siteid=115779&pgid=1343569&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917231&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schai...
https://www8.smartadserver.com/ac?siteid=115779&pgid=1343569&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917231&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schai...

129 B
504 B

126ms
126ms

XHR
text/xml

185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=115779&pgid=1343569&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917231&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:51 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ask.fm
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
transfer-encoding: chunked

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:52 GMT
location: https://www8.smartadserver.com/ac?siteid=115779&pgid=1343569&fmtid=43957&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&tmstp=1621917231&vpw=432&vph=243&pgDomain=ask.fm&gdpr_consent=&gdpr=1&schain=1.0%2C1!viralize.com%2C4704%2C1%2C%2C%2C&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ask.fm
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 8A3E 0
82 B 27ms
26ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd1267e5a9caf3a9b96444c02011&item=YWRuXzU5ODC9bGvV0x6X6w%3D%3D.6.wp6sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame BD8F 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 420
date: Tue, 25 May 2021 04:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 25 May 2021 06:26:52 GMT

GET
H/1.1 200
OK ads-async.js Show response
ad.mail.ru/static/ Frame BD8F 197 B
489 B 43ms
42ms Script
application/javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/ads-async.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 66d1c7aa064387309678f78ae89291315e156ae7a6247f84b8813cd2a23d9318

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:52 GMT
Server: nginx
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 197
Expires: Tue, 25 May 2021 04:43:52 GMT

GET
H2 200 AdRiverFPS_MV.js Show response
content.adriver.ru/banners/0007207/0007207973/0/ Frame BD8F 10 KB
10 KB 72ms
72ms Script
application/x-javascript 77.109.110.134
EDPNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=2c9b7ca5ee3973863919
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.109.110.134 Brussels, Belgium, ASN9031 (EDPNET, BE),
Reverse DNS
Software: nginx /
Resource Hash: c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
last-modified: Fri, 09 Apr 2021 14:49:31 GMT
server: nginx
etag: "6070697b-26a8"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 9896
expires: Tue, 25 May 2021 05:33:52 GMT

GET
H/1.1 200
OK shim.gif
creatives.sascdn.com/ Frame 8A3E 43 B
378 B 6ms
6ms Image
image/gif 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.sascdn.com/shim.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:52 GMT
Last-Modified: Fri, 17 Aug 2018 12:23:00 GMT
Server: Apache
ETag: "221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 25 May 2022 04:33:52 GMT

GET
H2 200 / Show response
ads.viralize.tv/d-vast/ Frame 8A3E 71 B
143 B 29ms
28ms XHR
text/xml 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/d-vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fask.fm&cbb=1917231500&sid=01ebbd1267e5a9caf3a9b96444c02011&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%220179a1ccdf8dc1430483c7f9607c70f0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1383%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%2C%22pub_platform%22%3A%22%22%7D&dd=ask.fm&sc=1&gdpr=1&cmp=unavailable&wfp=7&rcx=460.17321230.1.12
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: 3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ask.fm
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK 04C5EF.js Show response
r.mradx.net/img/BD/ Frame BD8F 119 KB
39 KB 171ms
87ms Script
application/javascript 2a00:1148:db00::28
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://r.mradx.net/img/BD/04C5EF.js
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1148:db00::28 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ea28e1aaa70b7a1ef1e0e6d4f64e1104742ced233b3ee7b2d131f033cca66bca

Request headers

Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 09:46:15 GMT
Server: nginx
ETag: W/"60892ee7-1dc47"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame 8A3E 3 KB
2 KB 38ms
37ms XHR
application/xml 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?member=9986&id=19417482&vplaybackmethod=2&referrer=ask.fm&gdpr=1&gdpr_consent=&cb=1621917231

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

66cbcb8f742297b3c9d1ac4423932036c78b0802011f7df08e7f636a07406cb2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.69:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e193ef65-63bd-4fed-8cb8-c08af2bcadb7
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 8A3E 0
82 B 27ms
27ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd1267e5a9caf3a9b96444c02011&item=YWRuXzUzMTSscnPHo3Jnhw%3D%3D.8.wp8sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 8A3E 0
39 B 26ms
26ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd1267e5a9caf3a9b96444c02011%3A0%3AYWRuXzU5ODC9bGvV0x6X6w%3D%3D~wp6sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzU5ODC9bGvV0x6X6w%3D%3D~wp6sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 / Show response
ads.viralize.tv/vast/ Frame 8A3E 71 B
309 B 28ms
27ms XHR
text/xml 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/vast/?zid=AADYxvtdPOT9teZk&u=appnexus.com&lid=AAV8wvo2iptXlPvO
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: 3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google
expires: 0

GET
H2 200 av Show response
viralize-d.openx.net/v/1.0/ Frame 8A3E 48 B
251 B 30ms
30ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://viralize-d.openx.net/v/1.0/av?auid=541171626&url=ask.fm&cb=1621917231&vwd=432&vht=243&gdpr=1&gdpr_consent=&schain=1.0,1!viralize.com,4704,1,,,
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ask.fm
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 8A3E 0
82 B 26ms
26ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd1267e5a9caf3a9b96444c02011&item=YWRuXzQ2ODVqVsva9dTlyQ%3D%3D.9.wp9sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK json.cgi Show response
ad.adriver.ru/cgi-bin/ Frame BD8F 384 B
1022 B 62ms
61ms Fetch
application/json 195.209.108.35
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&custom=300=0;301=0;302=AK3Z2LJUiAUJx4liaI1tWqw;303=unavail;304=AK3Z2LJUiAUJx4liaI1tWqw;305=2c9b7ca5ee3973863919;306=;307=;308=0;309=0
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=2c9b7ca5ee3973863919
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.35 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: a82bd8d33cfaaaffbeefb5380611b8b1b76c9e41bc6550cddade8105aec1bca5

Request headers

Referer: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:52 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://moevideo.biz
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 8A3E 65 B
642 B 89ms
88ms XHR
text/xml 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=759670&t=2&url=https%3A%2F%2Fask.fm&gdpr=1&gdpr_consent=&w=432&h=243&t=1&random=1621917231

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 8A3E 0
82 B 27ms
27ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd1267e5a9caf3a9b96444c02011&item=YWRuXzQzOTJKzdzZyUFr1w%3D%3D.10.wp10sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 /
ads.viralize.tv/track/ Frame 8A3E 0
39 B 28ms
28ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd1267e5a9caf3a9b96444c02011%3A0%3AYWRuXzUzMTSscnPHo3Jnhw%3D%3D~wp8sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzUzMTSscnPHo3Jnhw%3D%3D~wp8sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd1267e5a9caf3a9b96444c02011%3A0%3AYWRuXzQ2ODVqVsva9dTlyQ%3D%3D~wp9sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQ2ODVqVsva9dTlyQ%3D%3D~wp9sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ Frame BD8F 83 B
450 B 46ms
45ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1621917232763&q=199847&_=68255824
Requested by: Host: r.mradx.net
URL: https://r.mradx.net/img/BD/04C5EF.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: d3e334ff5fa2e31f8d40520a5297f4c7c708b452f99d2492b491579bdf7ae0bd

Request headers

Referer: https://moevideo.biz/embed/vpaid?token=jeJkSND68%2BRIHXvZtynaYI0f3jDRZqyIOY6Gy8Bp2jlEk%2Bytm6wGtYEaKnysogYs&ref=viads-ask.fm&title=&duration=0&test=0&proxyVars%5Breferer%5D=https%3A%2F%2Fask.fm%2Fzipperdragon8103&impressionAfterPaid=1&muteVisibleCheck=1&vl=1&es=1&mvver=1661
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 04:33:52 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 8A3E 965 B
850 B 36ms
35ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a884956d989dbfcf828271e94f1e0b81ed8c1235f28f045c0110427b52eb05c6

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5b1869b8fc7b9"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://ask.fm
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 597
expires: Tue, 25 May 2021 04:33:52 GMT

GET
H2 200 /
ads.viralize.tv/t-bid-opportunity/ Frame 8A3E 0
82 B 27ms
26ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&sid=01ebbd1267e5a9caf3a9b96444c02011&item=YWRuXzYwMzne7x9rsv40Jg%3D%3D.11.wp11sc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 /
ads.viralize.tv/t-bid-done/ Frame 8A3E 0
82 B 28ms
27ms Image
application/json 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fask.fm&t=adn&item=YWRuXzYwMzne7x9rsv40Jg%3D%3D&sc=wp11sc1&l=vpaid&as=PubMatic&ct=application%2Fjavascript&sid=01ebbd1267e5a9caf3a9b96444c02011
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 4CF3 150 KB
35 KB 46ms
46ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231
Requested by: Host: static.viralize.tv
URL: https://static.viralize.tv/viralize_player.min.fabab513.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 07:24:19 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-257f0-5b82218515d54"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 35684

GET
H2 204 /
ads.viralize.tv/track/ Frame 8A3E 0
39 B 26ms
25ms Image
text/plain 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ebbd1267e5a9caf3a9b96444c02011%3A0%3AYWRuXzQzOTJKzdzZyUFr1w%3D%3D~wp10sc1%22%2C%22bid_opportunity_id%22%3A%22YWRuXzQzOTJKzdzZyUFr1w%3D%3D~wp10sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ebbd1267e5a9caf3a9b96444c02011%3A0%3AYWRuXzYwMzne7x9rsv40Jg%3D%3D~wp11sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: uvicorn, Unknown /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
via: 1.1 google
server: uvicorn, Unknown
alt-svc: clear

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame CCDB 38 KB
14 KB 35ms
35ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=D04B26AA-CECE-446F-9742-FB18C01113AA; chkChromeAb67Sec=1; DPSync3=1623110400%3A201_197_219%7C1621987200%3A174; SyncRTB3=1623196800%3A35%7C1623110400%3A54_3_220_13_161_7_56_71_21; KRTBCOOKIE_57=22776-8729579150955094641; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEN9TJy4kEwV6UnFdTzj6iDY&KRTB&16514-CAESEN9TJy4kEwV6UnFdTzj6iDY&KRTB&23025-CAESEN9TJy4kEwV6UnFdTzj6iDY; SPugT=1621917229; KRTBCOOKIE_27=16736-uid:5dbd60ac-7e2e-4500-8042-fd7a26c618b2&KRTB&23208-uid:5dbd60ac-7e2e-4500-8042-fd7a26c618b2&KRTB&23114-uid:5dbd60ac-7e2e-4500-8042-fd7a26c618b2&KRTB&16735-uid:5dbd60ac-7e2e-4500-8042-fd7a26c618b2; PugT=1621917230; KRTBCOOKIE_377=6810-b4bb0006-302e-4560-878d-81e532d74be8&KRTB&22918-b4bb0006-302e-4560-878d-81e532d74be8&KRTB&23031-b4bb0006-302e-4560-878d-81e532d74be8; KRTBCOOKIE_391=22924-2233530701112908820&KRTB&23263-2233530701112908820
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=58497
expires: Tue, 25 May 2021 20:48:49 GMT
date: Tue, 25 May 2021 04:33:52 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4CF3 38 KB
14 KB 37ms
36ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 05:24:02 GMT
server: Apache/2.2.15 (CentOS)
etag: "13006b6-96ca-5c2071a26cca4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=58497
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13964
expires: Tue, 25 May 2021 20:48:49 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CCDB 2 KB
3 KB 33ms
33ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83457286&p=156962&s=795650&a=3435608&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: b24a8d6821c2ad7eb29e1812623a74a5601c40a5a035490230c2f9777c2c9dd5

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 99ms
99ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=6&wv-hit=896397683&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&rn=1023866807&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621917233%3Aw%3A1600x1200%3Av%3A523%3Az%3A120%3Ai%3A20210525063352%3Au%3A1621917221598797747%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621917233

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:53 GMT
last-modified: Tue, 25-May-2021 04:33:53 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:53 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 7946
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=324B9BE1-F4D9-4B20-BD92-D681552EAC0B
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=324B9BE1-F4D9-4B20-BD92-D681552EAC0B

35 B
468 B

42ms
42ms

Document
image/gif

37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=324B9BE1-F4D9-4B20-BD92-D681552EAC0B

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=324B9BE1-F4D9-4B20-BD92-D681552EAC0B
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 25 May 2021 04:33:53 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=1059986920621745665; expires=Sat, 24 Jul 2021 04:33:53 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 25 May 2021 04:33:52 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=324B9BE1-F4D9-4B20-BD92-D681552EAC0B
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Fri, 25 Jun 2021 04:33:52 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame C70A 35 B
134 B 51ms
50ms Document
image/gif 213.155.156.183
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.183 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 7D6B 43 B
304 B 23ms
20ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 25 May 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1199
date: Tue, 25 May 2021 04:33:52 GMT
content-length: 43

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CCDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mkub4fTZSyC9ktaBVS6sCw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mkub4fTZSyC9ktaBVS6sCw%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

34ms
33ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:53 GMT
content-encoding: gzip
last-modified: Wed, 21 Oct 2020 18:57:29 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-1f78-5b232eb4914bb"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=30286
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 2654
expires: Tue, 25 May 2021 12:58:39 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame CCDB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=675660ac-7e30-4800-b317-079148502665

0
128 B

35ms
35ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=675660ac-7e30-4800-b317-079148502665
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 25 May 2021 04:33:51 GMT
Server: MT3 3736 915c305 master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=675660ac-7e30-4800-b317-079148502665
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 25 May 2021 04:33:50 GMT

GET
H/1.1

200
OK

/
pixel.onaudience.com/ Frame CCDB
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=324B9BE1-F4D9-4B20-BD92-D681552EAC0B
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5d0a239f21a77b2d120f00835e92c9af

35 B
248 B

119ms
119ms

Image
image/gif

51.222.80.231
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5d0a239f21a77b2d120f00835e92c9af
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns574734.ip-51-222-80.net
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

Redirect headers

date: Tue, 25 May 2021 04:33:53 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5d0a239f21a77b2d120f00835e92c9af
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CCDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzI0QjlCRTEtRjREOS00QjIwLUJEOTItRDY4MTU1MkVBQzBC&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzI0QjlCRTEtRjREOS00QjIwLUJEOTItRDY4MTU1MkVBQzBC&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

28ms
27ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:53 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:356
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CCDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAWKF7ieKwmQz45j17MmnK0&google_cver=1

42 B
282 B

28ms
27ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAWKF7ieKwmQz45j17MmnK0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:53 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:445
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAWKF7ieKwmQz45j17MmnK0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame CCDB 43 B
611 B 31ms
29ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 24 May 2021 04:33:52 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CCDB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:985060ac-7e30-4400-8126-0c353cadadcc&gdpr=0&gdpr_consent=

42 B
494 B

35ms
35ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:985060ac-7e30-4400-8126-0c353cadadcc&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:51 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:427
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 25 May 2021 04:33:51 GMT
Server: MT3 3736 915c305 master cdg-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:985060ac-7e30-4400-8126-0c353cadadcc&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 25 May 2021 04:33:50 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CCDB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=542602002293952765

42 B
232 B

35ms
35ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=542602002293952765
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:404
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:53 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=542602002293952765
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CCDB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fb0b7b2-9768-4cf5-9eee-3a55c2683594

42 B
450 B

36ms
35ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fb0b7b2-9768-4cf5-9eee-3a55c2683594
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:52 GMT
cache-control: no-store, no-cache, private
x-lat: amspug014:0:401
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:53 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9fb0b7b2-9768-4cf5-9eee-3a55c2683594
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CCDB
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7722511024432319832&gdpr=0&gdpr_consent=

42 B
365 B

27ms
27ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7722511024432319832&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:53 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:427
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 25 May 2021 04:33:53 GMT
X-Proxy-Origin: 185.104.185.164; 185.104.185.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid: da3fb2bf-e5e9-46bf-9f44-b7fffb315c79
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7722511024432319832&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 324B9BE1-F4D9-4B20-BD92-D681552EAC0B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CCDB 43 B
578 B 34ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/324B9BE1-F4D9-4B20-BD92-D681552EAC0B?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 4CF3 27 B
115 B 28ms
28ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231&us_privacy=&cb=1621917232887&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fzipperdragon8103&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fzipperdragon8103&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-5-25%206:33:53&ranreq=0.2808807008698484&timezone=2&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:53 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://ask.fm
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg
content-type: application/xml; charset=utf-8

GET track
aktrack.pubmatic.com/ Frame 4CF3 0
0

GET
H2 200 track
aktrack.pubmatic.com/ Frame 8A3E 0
61 B 33ms
32ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156962&s=795650&a=3435608&ts=1621917232&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 04:33:53 GMT
content-length: 0
content-type: text/html

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
157 B 49ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=7&wv-hit=896397683&page-url=https%3A%2F%2Fask.fm%2Fzipperdragon8103&rn=520402035&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1621917235%3Aw%3A1600x1200%3Av%3A523%3Az%3A120%3Ai%3A20210525063354%3Au%3A1621917221598797747%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1621917235

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 May 2021 04:33:54 GMT
last-modified: Tue, 25-May-2021 04:33:54 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-May-2021 04:33:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: emea.viadata.store
URL: https://emea.viadata.store/dynadmic/vast.php?sid=102415&ref=https://ask.fm/zipperdragon8103&gdpr=0&consent=&w=432&h=243&cbb=1917221883

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&_test=YKx_LgABSMB1QgA4

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1

Domain: aktrack.pubmatic.com
URL: https://aktrack.pubmatic.com/track?operId=7&p=156962&s=718977&a=2944653&ts=1621917231&wa=0&e=95&vc=2

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: aktrack.pubmatic.com
URL: https://aktrack.pubmatic.com/track?operId=7&p=156962&s=795650&a=3435608&ts=1621917233&wa=0&e=95&vc=2

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ask.fm/	1970-01-19 18:36:16	Name: _m_ask_fm_session Value: U3F0TnN4WHZFZlY2WXZmRHFHTVdPRmgvQjN6V0ZBbVFBWXpDbVVmV0s0OC9FdlBDTk1OampiQjRnSlk0ZjhGMGQvR1p6L29STkhhbDZLRTN1TWM3SEVXTUpqeXZhb21ERUFobmh2bkU5cXZnakRGejdhUVBrTy9hSjEwVnRMK3RMcFZBbjlmSms4b0xGZk96c1pSVnYrZDRhQ2g3VWRhNGtnMmovYkFySzJBQzNYQVpPWGpNQnMreU5aM3ZsOVdKeG45UWtRdE02TllZc3ZFVnlWdVUwTHhqVGVsM3NVQ2lQbkswaTdoNjBic1VBdDRhNGRFMEpsMjJUSXpVbkhmbS0tZWdUcUIwN2xncWhqVmVlY2RadHNNUT09--046de8fceb2f1ad8b5b6382e9636610c27bc7cfc
.ask.fm/	1970-01-19 18:33:09	Name: _ym_isad Value: 2
.ask.fm/	1970-01-20 03:17:33	Name: _ym_d Value: 1621917221
.ask.fm/	1970-01-20 03:17:33	Name: _ym_uid Value: 1621917221598797747
ask.fm/	1970-01-20 03:17:54	Name: country Value: FR
ask.fm/	1970-01-20 03:17:54	Name: uuid Value: d82b8aae-4965-4f96-98bc-16687116dbce
ask.fm/	1970-01-19 18:34:50	Name: traffic_source Value: organic
ask.fm/	1970-01-20 03:17:54	Name: locale Value: en

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://askfm.adspirit.de/adasync.min.js(Line 1) Message: %cAdSpirit Async%cFetch GDPR data (Feedback: false / GDPR: 1 / Status: / TCString: ) color:white; background-color:#66AADD; border-left:5px solid white; padding:3px; margin-right:10px;
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 06:33:49,736 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	info	URL: https://content.adriver.ru/banners/0007207/0007207973/0/AdRiverFPS_MV.js?id1=2c9b7ca5ee3973863919(Line 2) Message: request.onupgradeneeded [object IDBVersionChangeEvent]
console-api	log	URL: https://r.mradx.net/img/BD/04C5EF.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://r.mradx.net/img/BD/04C5EF.js(Line 1) Message: Access to window.top is denied!
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228&us_privacy=&cb=1621917230808
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fzipperdragon8103&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fzipperdragon8103&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-5-25 6:33:51&ranreq=0.4239633398373106&timezone=2&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:PM AdRequest Time: 0.602secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:Ad Error Time: 0.604secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-info:Total Component Time since player call: 0.683secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=718977&adId=2944653&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917228(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 61) Message: 06:33:52,222 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	log	URL: https://r.mradx.net/img/BD/04C5EF.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://r.mradx.net/img/BD/04C5EF.js(Line 1) Message: Access to window.top is denied!
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:Finally, debug level set to 1
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:into initPreConfiguration method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:Finally, debug level set to 2
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:into initAd method
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+7+9+1+0+1+1+1+6&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231&us_privacy=&cb=1621917232887
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Fzipperdragon8103&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Fzipperdragon8103&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-5-25 6:33:53&ranreq=0.2808807008698484&timezone=2&depth=0
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:PM AdRequest Time: 0.538secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:Ad Error Time: 0.539secs.
console-api	info	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-info:Total Component Time since player call: 0.609secs.
console-api	error	URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156962&siteId=795650&adId=3435608&vadFmt=3&vapi=2&vminl=1&vmaxl=100&vh=243&vw=432&vtype=1&vpos=1&vplay=1+2+3+4&vskip=0&vcom=0&vfmt=1+3+4+5+6+7+9+10+11+12&gdpr=1&gdpr_consent=&placement=1&schain=1.0,1!viralize.com,4704,1,,,&kadpageurl=https%3A%2F%2Fask.fm&cachebuster=1621917231(Line 180) Message: pm-error:Invalid/Empty VAST Response from PubMatic Ad Server

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.adriver.ru
ad.mail.ru
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.viralize.tv
adx.adform.net
ajax.googleapis.com
aktrack.pubmatic.com
an.yandex.ru
ask.fm
askfm-usd-d.openx.net
askfm.adspirit.de
bidder.criteo.com
c1.adform.net
casale-match.dotomi.com
cdn.adspirit.de
cdn.connectad.io
cdn.jsdelivr.net
cdn.ravenjs.com
cdn.stickyadstv.com
cdn.viadata.store
ced.sascdn.com
cm.g.doubleclick.net
cmp.optad360.io
connect.facebook.net
content.adriver.ru
creatives.sascdn.com
cs-0.moevideo.biz
d2f6o1s2veeoj7.cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmg.digitaltarget.ru
dsum-sec.casalemedia.com
dsum.casalemedia.com
emea.viadata.store
get.optad360.io
ghb.console.adtarget.com.tr
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
ice.360yield.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
loada.exelator.com
logs.viadata.store
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
moe.video
moevideo.biz
mug.criteo.com
onetag-sys.com
pixel.onaudience.com
pixel.quantserve.com
pl.viadata.store
playreplay.me
playreplay.net
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
r.mradx.net
rtb-msk-2.viadata.store
s.amazon-adsystem.com
s.richaudience.com
search.spotxchange.com
secure.adnxs.com
serving.stat-rock.com
simage2.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
static.viralize.tv
sync-eu.connectad.io
sync-tm.everesttech.net
sync.mathtag.com
sync.richaudience.com
thesame.tv
um.simpli.fi
um2.eqads.com
viadata.store
vid.pubmatic.com
viralize-d.openx.net
vpaid.pubmatic.com
vtg1.rktch.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www8.smartadserver.com
yastatic.net
ads.stickyadstv.com
aktrack.pubmatic.com
cm.g.doubleclick.net
emea.viadata.store
match.adsrvr.org
sync-tm.everesttech.net
13.248.242.197
136.144.59.88
142.250.185.194
144.76.120.254
159.253.128.183
168.119.138.39
168.119.149.178
176.99.5.169
178.250.0.157
178.250.0.163
178.250.2.131
18.198.126.47
185.15.175.134
185.29.135.190
185.33.220.145
185.33.220.241
185.64.189.110
185.64.189.114
185.64.189.115
185.64.190.75
185.64.190.80
185.86.138.16
185.86.139.58
185.94.180.124
193.138.77.142
195.209.108.35
2.16.186.113
2.18.232.130
2.18.233.180
2.18.234.21
2.18.234.233
2.21.111.28
2001:4de0:ac19::1:b:3b
213.155.156.183
23.111.115.172
23.111.115.236
23.111.115.244
23.111.211.20
2600:9000:20eb:d600:7:6e4f:6cc0:21
2600:9000:21f3:4800:11:a4de:2580:93a1
2600:9000:21f3:8800:11:3771:2e40:21
2600:9000:21f3:da00:6:b871:4f00:93a1
2606:4700:10::6816:37ce
2620:116:800d:21:f916:5049:f87f:108e
2a00:1148:db00::17
2a00:1148:db00::28
2a00:1288:110:c305::8000
2a00:1450:4001:808::200e
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:ba1a
2a02:26f0:6c00::210:ba28
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a02:6ea0:c700::1
2a02:fa8:8806:20::2040
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
2a04:4e42:200::621
2a04:4e42:3::621
2a04:4e42::729
2a0c:5c81:5142::2
34.98.64.218
35.170.231.210
35.186.238.232
35.244.159.8
37.157.2.234
37.157.6.242
46.249.52.249
51.222.80.231
51.89.9.254
52.57.110.162
52.58.124.95
72.21.206.140
77.109.110.134
85.215.2.53
92.223.103.250
92.223.103.37
92.223.106.16
92.38.138.105
92.38.138.123
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
08d2503bb471680472543885cfb3912a1d77c0de71645d837aac8d131bb18a1d
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13be9605e71b444b62fa3d78780ea07b8d585696cb3afa8196adb89d17ee26fc
16fd695ea13329e84a86bff1ce2b9bc23d807ced7c4106a932521587b1dda33f
176e4029787198a3a9f1a28252d1caaad487fa0ecc0b81c85647f243eb205c42
18e9f121a9bc0d87790b6868e7590deace3d556cb5ed36694a4eadbdb9211165
1a5c8cd0a6a5f20fa20aabbdebfc2c88bb4f2627bfe161293a0060148e40a39e
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
23deffedc6282ddb415e452d713ebe11ab459d10443387e33d1f8b1e5d3a1650
240776fce2938601113fe610b9cd8a1205c325df8f3ebc0cbb1ed5b5d7aa2b05
25cdb27fab782e5ee837664296143f732b96d09cad09968e25ca99f1b163ae9d
28004652367fd33d35145be63351633bc125d7ab4f49a527e625187091db6b5f
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
332af2c064777fd78548e8e11e409f891204b2965d2c1f9b40982d548a46a9fa
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37afcc50aed647983a6e055ccfdcb8ffb5edc9f759d42330a10edb6585f971f7
395731bbf5905424910bac88159528e4ef02fa713082bbd0036d8d17624ec95b
3a2ec2c73d4174ffff6677b1d95a444ba894ddc7f4dc5cc1e561736add95de92
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc23ab307f18ae1767e2150d7d6bd8f0122e8c91dcefb92e03b9df3ac013a4c
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392
3fa21b93719b27fbbac717aa68f4f8a113cc0850a548aa5f001716dcd31ea33c
40b784aed91e0f7d6d756bd7af24b82055d3f0a98480eaa6829d41cc295d16ef
40c44fd957e03a23dff99f0d4f69556d50ea9469fe7fc4cac16fe2f0ec3a5971
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
41f7c607aa0ae83dc735e3445740d9fbe19130ff98914feb887ca5458602c2eb
429702afcd7aa19634ee6b6b3b52dc5864ca29c57dc7d50a4e80afc16915ec61
42f60763bfa21d0c1d5fb1ddfb7befe4cc5056c2935c1a046fbf8e476848dd9c
43a6a06d1407a59d762a7a17f5c2c139f6eab37c605dac9f35c3e4400f0563c9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4580dd5d9195a1484f6887d41c289f019eb6f64cfaa55f455de06934e1878439
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557fad23ed9f127ff974d10134cb33823d5c9c7507bc115ff9583b103cb5211b
55a3395bc0127d2f33ac74342f9ba5183c566edb06590b2791c7581ff89e0ada
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
572dfb219554a3384efd149ee0bddee095b13c626cbd3a5a0e69fb26ad47589b
583956f94324a10b02c7a1cf495af04a4a53e689f3a9fb6cfb132f8dea5ec244
5ac8bf8a7a52ce541b0804f46220ad95e33b718a2e5c3d028bdf1434848d6731
60408b672ba6458703294ab03864575a4d250442c549f63d9c9196ed66447613
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6
65985dcfcaab798738d165704f6c42c10fab4386a03aeb105ea3704bdef06f72
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66cbcb8f742297b3c9d1ac4423932036c78b0802011f7df08e7f636a07406cb2
66d1c7aa064387309678f78ae89291315e156ae7a6247f84b8813cd2a23d9318
679642add99b52d0e70450bf716f963f1defaed601e3c472108a3e27129c07ab
6abbc225f2a4334c1a2f201302ad8bea148b00be27446c1ff00e28939b7b4034
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee
6aef7c004e8d9551468e7ba3afa304f8fef2e0a71c6ef432542b90081a9bb051
6e68f094f54a0e651834062d12692237e4b512ded6888e8c635378ffd0f2af67
70562ee13c94a8356893a0e54d83ecbb68935332acd723072761311ccba6ddc1
7368fe1368d514d2438ec6bb0b6663634e627e61a760c4eb5a8af574ae0e3ccc
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81
77cf9c1612dcbfc5626f271d1fbcd09f940ce329f2ecad4964bf22bb3b8f210c
789d737942cb6ea5d8c9984d69a8f6b4d47125a088fbfe9d4f908a7ab3185bb5
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
817384cf858af3b24293ea9cdce876477a4ec2e6bd1bd37ff7d0a4012f97f8f8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83b9ce69a9267aa37d9fdfcbe4539fc9bae9ddafc91f82625c5e2284104203f2
853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7
85ea197689891192f6f5ea6ceb68ad0ac922bde59f45262a122d44cbe00fd78f
86034ce77b3a6b40a35a983344766af5d5f5321ef04e81ec86cb2332d8676d66
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c3bd0206604cd99cfabccb30a4217884e646db7bb714a85f772b336323a7d51
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f5c88296da53f7bd8df3c82dd50dfa9e765bd4844546f09fc64184eadf58e65
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
914364ce3cc110a5c057fb8fbac24d6a11a6810c15bf059c59378a12cd4b6f02
91da8490ecdf435c9366a76e79458778c942770460b5ce102fe5bb82f1b96a7a
94a8b91d51ecd1e04ca1bbf6c3f863e91c1591fa4cb0290697ae7edc90be73a7
955cde192ca67fbfa7b2b09e43f72b171f7a0870d6f98a5b545eb549465e94a7
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46
9e0941532e70d706aef15f35e1432835cd264136dd148bf3802eaff5003d52ea
9e18d136de6919f81e71cd18adbbd83a8dbbba1e5073b101f3ee35a826b7993a
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4896518cc71d378856d717ee0349957b4bb387a5556b33c090f9dd7849dfa23
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a82bd8d33cfaaaffbeefb5380611b8b1b76c9e41bc6550cddade8105aec1bca5
a884956d989dbfcf828271e94f1e0b81ed8c1235f28f045c0110427b52eb05c6
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
acefa93cfdc556413f965eec9bb9602e1f347c7ba5197f2b6e991c99ad65d59d
ae3c4c495e3e54f94163b061e738eb97bac631f2f98f32007907eb71d26dc98a
ae5130815a4778efc660602ed651239c9de825f1922316af8c0e3b9adf88bd81
ae78f62cfad2e88c5136451482a8a2eba3cfef2b6c23caeb427ca6113c2bf86c
afd9e506b65b25f760831ce0da628c8d02427f274e2f436841a80d760913ccfe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1efea1ea1d5dacd4e53c4d220663ec89ebc5c91f6b99c4d7e8f3a670e901ff4
b24a8d6821c2ad7eb29e1812623a74a5601c40a5a035490230c2f9777c2c9dd5
b3b0ef2b10db3b888a68dfffe70f0e91591e3b06b727d0e7b84f22392265e5c9
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
c0c8fab52bd23faf85d55360f9ee47fe6537f1fb63befc9f19bddda64534e160
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545
c95123ccc9890a5ac5dba9d9060abc099e1fcb9f7e1043c675188ac12942616f
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cb5821c7f2229b215fd791ce3e7053cf4edab0a2c0c710bd2f701f5bdd18d4d8
cc6732e52b7dbea073b479441cba0b6778251ac742ee21db7dad66cbb9b32071
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cee03da6372aac6087621b63d577c941c783700c781be1443a42b24626021c34
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfeec7a86c46e8e3f75bcdfce7a619228cbb322011e54da8171f8130dae4bacf
d22aab528f8ff6e3f1a6640a048a11335ac5995890767a9bdda952e2178f0e28
d3e334ff5fa2e31f8d40520a5297f4c7c708b452f99d2492b491579bdf7ae0bd
d68344ec2b50888b7070a552a883bb332e1f1f79f27c87a4211db96528c30f1e
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae
da99152e855fe6ad6e826fb421e8e168df6cf7fc7f425b8c5a4604d364cb2ec3
dd8be889b25965837eb139dbeae4e895faa347a18f0379eadb02dbffce4371ce
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561
e1523bb7c50aeb3b7c37d26e7bd7e22977e11013b50865832a9db6b8fc19abc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cedeedecd228caa058b365fd4dd4a40f1995c71bc979fe79827bb752bbe2b8
e8619b8ec38dde5568e62e07198c1c17af00a7b7592169554e2d9260a16bb233
ea28e1aaa70b7a1ef1e0e6d4f64e1104742ced233b3ee7b2d131f033cca66bca
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
eb32ceaf4ddd73a40dcd735f4c8d96926d088850384583a0f4e60938afd72e90
eb7c189c7b381ef66e371579c9a7fc5016e7ac3b0e73b554ba0aa16fa146be55
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
ee12cd05fb9abaaf57367f383e0d6a4f8cab62a0061d01a955467d4390a22d95
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efded6408c7e64cd48c00b10bdd63b79539c5bb13a396b9f3773f71fe2d5a606
efeab73559fcc6d5b9a958ecba36f1b35213cc443c218b0cdebd66fc906f3f78
f09091df31ae66d41f2fef3ddcd70fdb7f3f016009c1c617d98a1548612f2cdb
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1c670c430666ae5141b335260e90338873051526ead9ad670e06c14f611debf
f700108987c0de070499495c0331d07411ba2c78320c66476b666e93734922bc
f70fee72f4b08b7a97e7740fc8bbc725f9877ce869b60a8e2f233327b52fb020
f75c949a2a0cce5cb47dc9ee2afed1393cb89cb36a98b4f14dd77196e756ce39
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f978f9df482aa6d4b9539ed187c72c7eeed009a2c9263e2ff81a555b0a663d54
fec349d7669261f3f91bd63f18ac03eee8e20931777f34a845a4dd321d343f8e
ffe97ec486ec7774cb9e7f2bb44ade7eebff70b9348d48b065e9d550659b60f9

ask.fm Open in urlscan Pro 193.138.77.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

324 Requests

98 %HTTPS

34 %IPv6

61 Domains

97 Subdomains

81 IPs

12 Countries

3928 kBTransfer

9627 kBSize

8 Cookies

12 Outgoing links

Redirected requests

324 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ask.fm Open in urlscan Pro
193.138.77.142 Public Scan

Screenshot
Live screenshot

Full Image

324
Requests

98 %
HTTPS

34 %
IPv6

61
Domains

97
Subdomains

81
IPs

12
Countries

3928 kB
Transfer

9627 kB
Size

8
Cookies

324 HTTP transactions
12 data transactions