URL: https://ask.fm/francecoil85
Submission: On September 22 via manual from GB — Scanned from DE

Summary

This website contacted 77 IPs in 13 countries across 86 domains to perform 319 HTTP transactions. The main IP is 193.138.77.140, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 15th 2021. Valid for: a year.
This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 193.138.77.140 395754 (ASK-FM)
6 2600:9000:21f... 16509 (AMAZON-02)
1 3.129.250.65 16509 (AMAZON-02)
3 35.201.96.133 15169 (GOOGLE)
1 2a05:d018:ac8... 16509 (AMAZON-02)
3 10 2a02:6b8::1:119 208722 (YNDX)
21 2600:9000:21f... 16509 (AMAZON-02)
4 2600:9000:20e... 16509 (AMAZON-02)
1 52.209.141.213 16509 (AMAZON-02)
8 151.139.128.11 20446 (HIGHWINDS3)
2 2 66.155.71.149 13768 (COGECO-PEER1)
3 3.123.90.134 16509 (AMAZON-02)
12 13 52.57.48.21 16509 (AMAZON-02)
1 1 35.156.165.31 16509 (AMAZON-02)
7 7 213.19.147.44 26120 (RHYTHMONE)
3 4 76.223.111.131 16509 (AMAZON-02)
14 2.18.234.233 16625 (AKAMAI-AS)
7 146.20.128.61 27357 (RACKSPACE)
20 146.20.128.160 27357 (RACKSPACE)
6 6 2001:678:cb4:... 56396 (AMOBEE)
18 146.20.132.73 27357 (RACKSPACE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 2a04:4e42:400... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.250.0.157 44788 (ASN-CRITE...)
5 25 37.252.173.215 29990 (ASN-APPNEX)
1 185.86.137.114 201081 (SMARTADSE...)
1 147.75.38.124 54825 (PACKET)
5 51.89.9.252 16276 (OVH)
1 2.21.111.28 16625 (AKAMAI-AS)
7 88.212.252.2 7979 (SERVERS-COM)
1 13 2606:4700:10:... 13335 (CLOUDFLAR...)
3 11 37.157.3.30 198622 (ADFORM)
1 185.94.180.123 35220 (SPOTX-AMS)
5 13 18.159.240.81 16509 (AMAZON-02)
21 2.18.233.180 16625 (AKAMAI-AS)
1 3 35.244.159.8 15169 (GOOGLE)
3 2600:9000:215... 16509 (AMAZON-02)
4 2.18.232.130 16625 (AKAMAI-AS)
4 185.64.189.115 62713 (AS-PUBMATIC)
2 2 213.155.156.185 1299 (TELIANET ...)
21 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
10 10 142.250.185.194 15169 (GOOGLE)
3 3 185.29.132.245 30419 (MEDIAMATH...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 2 159.253.128.183 36351 (SOFTLAYER)
2 2 2620:116:800d... 16509 (AMAZON-02)
3 185.64.190.75 62713 (AS-PUBMATIC)
2 3.12.29.116 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3 34.247.198.95 16509 (AMAZON-02)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 3.213.248.174 14618 (AMAZON-AES)
4 4 18.156.0.31 16509 (AMAZON-02)
2 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 3 151.101.66.49 54113 (FASTLY)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 162.55.6.212 24940 (HETZNER-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 1 188.165.4.142 16276 (OVH)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a04:4e42:600... 54113 (FASTLY)
1 151.101.193.44 54113 (FASTLY)
1 169.197.150.8 398989 (DEEPINTENT)
1 1 34.98.107.212 15169 (GOOGLE)
1 2 37.252.173.27 29990 (ASN-APPNEX)
1 34.254.122.11 16509 (AMAZON-02)
6 144.76.120.254 24940 (HETZNER-AS)
2 13 2.18.234.21 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 3.120.83.159 16509 (AMAZON-02)
2 2 193.232.148.143 48061 (UMA-TECH-AS)
5 5 31.172.81.158 44066 (DE-FIRSTC...)
3 3 72.251.249.13 29791 (VOXEL-DOT...)
1 151.236.71.146 204720 (CDNETWORKS)
1 2 52.46.154.242 16509 (AMAZON-02)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 54.90.144.255 14618 (AMAZON-AES)
1 35.244.174.68 15169 (GOOGLE)
1 1 35.158.223.21 16509 (AMAZON-02)
1 2 54.36.109.156 16276 (OVH)
2 178.162.133.149 60781 (LEASEWEB-...)
2 2 18.184.95.242 16509 (AMAZON-02)
1 2 34.253.111.115 16509 (AMAZON-02)
1 1 52.71.142.200 14618 (AMAZON-AES)
2 2 52.44.220.233 14618 (AMAZON-AES)
2 2 18.194.125.59 16509 (AMAZON-02)
1 38.27.122.158 174 (COGENT-174)
1 1 34.199.172.6 14618 (AMAZON-AES)
1 1 47.252.78.131 ()
5 52.28.33.143 ()
319 77
Apex Domain
Subdomains
Transfer
53 lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net
225 KB
52 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com
aud.pubmatic.com
293 KB
31 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
88 KB
31 cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d16vsmxl4d5tw1.cloudfront.net
dbq8hrmshvuto.cloudfront.net
700 KB
15 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
9 KB
14 stickyadstv.com
ads.stickyadstv.com
18 KB
13 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
2 KB
13 bidswitch.net
x.bidswitch.net
4 KB
12 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
15 KB
11 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads-eu.v.ssp.yahoo.com
8 KB
11 adform.net
adx.adform.net
c1.adform.net
6 KB
11 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net Failed
1 KB
8 betweendigital.com
ads.betweendigital.com
cache.betweendigital.com
6 KB
8 yandex.com
mc.yandex.com
2 KB
6 stat-rock.com
serving.stat-rock.com
97 KB
6 turn.com
ad.turn.com
3 KB
5 springserve.com
vpaid.springserve.com
vid-io-cle.springserve.com
261 KB
5 onetag-sys.com
onetag-sys.com
3 KB
5 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
5 1rx.io
sync.1rx.io
3 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 vidoomy.com
ads.vidoomy.com
a.vidoomy.com
7 KB
3 owneriq.net
px.owneriq.net
1 KB
3 lijit.com
ap.lijit.com
2 KB
3 bumlam.com
sync.bumlam.com
2 KB
3 everesttech.net
sync-tm.everesttech.net
1001 B
3 bidr.io
match.prod.bidr.io
2 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 openx.net
vidoomy-d.openx.net
1007 B
3 optad360.io
cmp.optad360.io
get.optad360.io
565 KB
3 colossalcoat.com
colossalcoat.com
30 KB
3 ask.fm
ask.fm
43 KB
2 w55c.net
pm.w55c.net
2 KB
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 sonobi.com
sync.go.sonobi.com
1 KB
2 id5-sync.com
id5-sync.com
3 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 adhigh.net
px.adhigh.net
821 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 taboola.com
trc.taboola.com
match.taboola.com
652 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 audrte.com
a.audrte.com
2 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 quantserve.com
pixel.quantserve.com
960 B
2 simpli.fi
um.simpli.fi
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 4dex.io
script.4dex.io
22 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 facebook.net
connect.facebook.net
70 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
962 B
2 sitescout.com
pixel-sync.sitescout.com
600 B
2 yandex.ru
mc.yandex.ru
an.yandex.ru Failed
65 KB
1 clientgear.com
event.clientgear.com
261 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 bnmla.com
match.bnmla.com
114 B
1 extend.tv
sync.extend.tv
546 B
1 sharethrough.com
match.sharethrough.com
240 B
1 rlcdn.com
idsync.rlcdn.com
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
377 B
1 gumgum.com
rtb.gumgum.com
238 B
1 playground.xyz
ads.playground.xyz
486 B
1 deepintent.com
match.deepintent.com
44 B
1 erne.co
green.erne.co
326 B
1 adgrx.com
cm.adgrx.com
408 B
1 ad4m.at
ad4m.at
974 B
1 loopme.me
csync.loopme.me
217 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 rfihub.com
p.rfihub.com
780 B
1 zeotap.com
mwzeom.zeotap.com
455 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 spotxchange.com
search.spotxchange.com
1 KB
1 connectad.io
i.connectad.io Failed
cdn.connectad.io
1 a-mo.net
prebid.a-mo.net
164 B
1 smartadserver.com
prg.smartadserver.com
314 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 facebook.com
www.facebook.com
313 B
1 googletagmanager.com
www.googletagmanager.com
40 KB
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
314 B
1 adsafeprotected.com
static.adsafeprotected.com
259 B
1 esputnik.com
esputnik.com
11 KB
0 exelator.com Failed
loada.exelator.com Failed
319 86
Domain Requested by
25 ib.adnxs.com 5 redirects get.optad360.io
vpaid.springserve.com
acdn.adnxs.com
21 d16vsmxl4d5tw1.cloudfront.net ask.fm
20 cs.lkqd.net ad.lkqd.net
18 t.lkqd.net ad.lkqd.net
14 simage2.pubmatic.com ads.pubmatic.com
14 ads.stickyadstv.com ask.fm
ad.lkqd.net
vpaid.springserve.com
13 ads.adaptv.advertising.com 5 redirects ad.lkqd.net
vpaid.springserve.com
13 x.bidswitch.net 12 redirects ads.pubmatic.com
11 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
10 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
sync.quantumdex.io
10 cm.g.doubleclick.net
8 vpaid.pubmatic.com ad.lkqd.net
vpaid.springserve.com
blank
8 ad.lkqd.net ask.fm
ad.lkqd.net
8 mc.yandex.com 2 redirects ask.fm
mc.yandex.ru
7 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
7 image2.pubmatic.com ads.pubmatic.com
7 ads.betweendigital.com get.optad360.io
ads.betweendigital.com
7 v.lkqd.net ad.lkqd.net
6 serving.stat-rock.com get.optad360.io
6 adx.adform.net get.optad360.io
ad.lkqd.net
6 ad.turn.com 6 redirects
6 d3r6ceqp4shltl.cloudfront.net ask.fm
d3r6ceqp4shltl.cloudfront.net
5 ads-eu.v.ssp.yahoo.com
5 c1.adform.net 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 onetag-sys.com get.optad360.io
sync.quantumdex.io
5 sync.1rx.io 5 redirects
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
sync.quantumdex.io
4 ups.analytics.yahoo.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 acdn.adnxs.com vpaid.springserve.com
get.optad360.io
4 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
4 dbq8hrmshvuto.cloudfront.net ask.fm
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 ap.lijit.com 3 redirects
3 sync.bumlam.com 3 redirects
3 sync-tm.everesttech.net 2 redirects ssum-sec.casalemedia.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 aktrack.pubmatic.com
3 vid.pubmatic.com vpaid.pubmatic.com
3 sync.mathtag.com 3 redirects
3 vpaid.springserve.com ad.lkqd.net
3 vidoomy-d.openx.net 1 redirects ad.lkqd.net
3 a.vidoomy.com ask.fm
3 colossalcoat.com ask.fm
colossalcoat.com
3 ask.fm serving.stat-rock.com
2 pm.w55c.net 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 pixel.advertising.com 2 redirects
2 sync.go.sonobi.com sync.quantumdex.io
2 id5-sync.com 1 redirects sync.quantumdex.io
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 sync3.adsniper.ru 2 redirects
2 px.adhigh.net 2 redirects
2 ads.creative-serving.com 2 redirects
2 js-sec.indexww.com get.optad360.io
ssum-sec.casalemedia.com
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 vid-io-cle.springserve.com vpaid.springserve.com
2 pixel.quantserve.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 mug.criteo.com
2 script.4dex.io get.optad360.io
script.4dex.io
2 gum.criteo.com 1 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 get.optad360.io d3r6ceqp4shltl.cloudfront.net
get.optad360.io
2 connect.facebook.net d3r6ceqp4shltl.cloudfront.net
connect.facebook.net
2 sync.targeting.unrulymedia.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 mc.yandex.ru 1 redirects d3r6ceqp4shltl.cloudfront.net
1 event.clientgear.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 sync.extend.tv 1 redirects
1 match.sharethrough.com 1 redirects
1 ms.quantumdex.io 1 redirects
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 cache.betweendigital.com ads.betweendigital.com
1 cdn.connectad.io get.optad360.io
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 search.spotxchange.com ad.lkqd.net
1 useast.quantumdex.io get.optad360.io
1 htlb.casalemedia.com get.optad360.io
1 prebid.a-mo.net get.optad360.io
1 prg.smartadserver.com get.optad360.io
1 cdn.jsdelivr.net get.optad360.io
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com
1 cmp.optad360.io d3r6ceqp4shltl.cloudfront.net
1 www.googletagmanager.com d3r6ceqp4shltl.cloudfront.net
1 sonata-notifications.taptapnetworks.com 1 redirects
1 static.adsafeprotected.com ask.fm
1 esputnik.com ask.fm
1 ads.vidoomy.com ask.fm
0 an.yandex.ru Failed
0 loada.exelator.com Failed ads.pubmatic.com
0 i.connectad.io Failed get.optad360.io
319 120

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com
Subject Issuer Validity Valid
*.ask.fm
AlphaSSL CA - SHA256 - G2
2021-09-15 -
2022-10-17
a year crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2021-08-06 -
2022-09-05
a year crt.sh
colossalcoat.com
R3
2021-09-11 -
2021-12-10
3 months crt.sh
*.esputnik.com
Sectigo RSA Domain Validation Secure Server CA
2019-11-28 -
2021-11-27
2 years crt.sh
mc.yandex.ru
Yandex CA
2021-07-28 -
2022-01-07
5 months crt.sh
static.adsafeprotected.com
Amazon
2021-01-06 -
2022-02-04
a year crt.sh
ad.lkqd.net
R3
2021-07-25 -
2021-10-23
3 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-11-17
a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-07-09 -
2022-07-14
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-09-09 -
2021-12-08
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.optad360.io
Amazon
2020-12-17 -
2022-01-15
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-30 -
2022-06-01
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-08 -
2022-07-07
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-09-09 -
2021-12-07
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
*.a-mo.net
R3
2021-07-16 -
2021-10-14
3 months crt.sh
onetag-sys.com
R3
2021-07-26 -
2021-10-24
3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-06 -
2022-02-16
2 years crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2021-03-10 -
2022-03-29
a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-05-24 -
2021-11-17
6 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.springserve.com
Amazon
2021-04-30 -
2022-05-29
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-03-11 -
2022-02-07
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
*.match.prod.bidr.io
Amazon
2021-02-26 -
2022-03-27
a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020
2021-03-09 -
2022-04-10
a year crt.sh
*.audrte.com
Amazon
2021-01-26 -
2022-02-24
a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-08-18 -
2021-11-17
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-24 -
2022-03-26
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2020-04-09 -
2022-06-08
2 years crt.sh
*.gumgum.com
Amazon
2021-06-05 -
2022-07-04
a year crt.sh
serving.stat-rock.com
R3
2021-08-22 -
2021-11-20
3 months crt.sh
connectad.io
Cloudflare Inc ECC CA-3
2021-05-16 -
2022-05-15
a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2019-11-08 -
2022-02-05
2 years crt.sh
s.amazon-adsystem.com
Amazon
2021-07-14 -
2022-06-27
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018
2021-01-29 -
2022-02-02
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.id5-sync.com
R3
2021-07-13 -
2021-10-11
3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2020-12-06 -
2022-01-07
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2021-04-29 -
2022-05-31
a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2
2021-01-06 -
2022-02-07
a year crt.sh

This page contains 59 frames:

Primary Page: https://ask.fm/francecoil85
Frame ID: A06C66B23B5F8428F63632A66033D88F
Requests: 116 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: B303E072E14F005DD75F33F8A52BE96F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: FB6EA36E01ACAB490D70336DCBCF3172
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 75DA30C173BB51C45666D12C32A900C2
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 274586AAAE141A68A926280F144FF058
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: FA5BE33205C80B4C201FA91A5C05973C
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9E5F5FE00EE4B79EB5671B5B79DAD595
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 1E2C7B2EC100E82C399FEC8DE7288E5C
Requests: 3 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: DE8B1E13E65FF92DC7D55139564DE4BA
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 93F5781D7C06FFFB571E1923E27B2E1E
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 7819054A6C6578BD7818CB0D5E447402
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Frame ID: 32C7C2744ADE1123DD04654DF5697095
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: ED71CDB4FAB888EA8FB588F191135931
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 011F78A8B98E4BD72438860635EBFA55
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081357,,
Frame ID: 6E0C27190180C35B6ED237788D55F111
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6A44442200B1DD7F9E13AF9181129B86
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=453853BE-622D-4C70-AEBC-AD98526478D1
Frame ID: BB875DE61481CA535BA95865F828D863
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377988007333069753
Frame ID: 52A544C9AE98DDA9DE526EE656E85A58
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 01C7489A1B9875224D73A2DDA60F70DB
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Frame ID: 1F84E0F47DE89EB5597304DA40782587
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081358,,
Frame ID: 75F4B7D7A2508832B4B5EEECDEB4CA0F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 919376B3AC86D9EA473B41575161193A
Requests: 14 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010903107011868822
Frame ID: E5CA13BF932AACA1DD455C46981395E0
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: ED3BE86934722C0F30EBA778D40C3355
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20104624678227901967654445023%2C%2C
Frame ID: 8D8E6E5DD4EBCDE36F4B12C29FF94C3F
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6D17B74DC6003E9B9B242A556988BA42
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: B9FB020195D9E7C3C9EEAAB8102D7680
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=adconductor&gdpr=1&user_id=-8Rygq-XdYHgwX7R_Jdr2a-QcdPglHbSqMNXhRmq
Frame ID: 9B9B46DA7CFDCC3B149362D446AF4D27
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 1E2B7FBD1376C0E747B66A184A23EF4C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 24972D2D9C6E6E40E17E4925476B6EF0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=a9oCQGlL7RfDx96AlSbvXhu8
Frame ID: AF1AD4369288958ABE0F3097ED1F4912
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 310027247E2A81E624CCF2DC37FE3E89
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04bcb178-9cdd-4520-a8ea-d4849b09b8df-tuct84540bc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 78C55FA3CF8F60546994C61FD33841A9
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: EEB2D64265277FD186C2E07C7D089C7C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1632353081330
Frame ID: 657983FCA4211B4A6FDEE3FA6F9E086D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 97B3B4A5B284E8A9DC2857CEB6DD1926
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D71C054542C96090DFD9F1331F7572CB
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EAB31B749366AD9AE14C87BD811C376F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1632353084207
Frame ID: FE3429CD88AED8ED77871037A1DFB2E7
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: FEF60CCF1AF8D06AF8C40F70AEE89FD3
Requests: 11 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: F338C008FB2E03115E70CE6A614CC7B0
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 69CCDF48E7459E71EB6CDCA3E9E3560B
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 7C74AA62CF0DF328213DDB600C533406
Requests: 10 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=3ace5b13-1f9d-510a-ada6-7ea4ccedc59d&CACHEBUSTER=698889
Frame ID: B91A277F23391F3FE5D64CE51474E5DE
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 517696376D0C9220E47ABEE8127E49A5
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: D76E16F36BA79C95887B5AFABDC666E6
Requests: 3 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 694B281363ACEE15530FC4243974AD76
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 6046DBF27C4E1431B9C330D3CDADBB5E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D7absBiISqtshCr1N-La1YjzxlU
Frame ID: DD9BA3A78D41D16FCA60259440A033F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2u4omhjK1MtbBy5&gdpr=0&gdpr_consent=
Frame ID: 0A463B3F0F89B61FAA0F5AC9051173D1
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 16E93FF6F8CD4154850559BD11759EF2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A8C392066AB6478785FFF212652982AF
Frame ID: 6D88CA9338F255CE067E26804EFBC029
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=453853BE-622D-4C70-AEBC-AD98526478D1
Frame ID: AAEAB703EA8FFB7C01FCAEA3113C4F2D
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 6FA3BC73B091848CBC5CCABE15F0E50A
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 72B2999FA681F7158963DB54CB436B35
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 391450860E497B3C4423D838B558CDF4
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Frame ID: 6F7ABD142D879837071018DD9149E9ED
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353085452,,
Frame ID: 46446CB6DFF82B04ECCBE12A2FDB6C14
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 07E89E72F3FFB3CEFF4006CC3B485B80
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Account Suspended - Ask.fm

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

319
Requests

97 %
HTTPS

25 %
IPv6

86
Domains

120
Subdomains

77
IPs

13
Countries

2607 kB
Transfer

6535 kB
Size

143
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9404.sL5XyQcRcY18kO_aKdiq7Zx1H6C0eCrthg46vjfsbhwzFoDRjoADS6J9A46X5q-n.wrxX4RvgKQY7MwDRv8icleVhx1Q%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9404._fozvwKigEs6A9TfWYJsshu78BZ0hsz_wJQE1dhptiMhrdPNoJGLpexs5nVqnkH91Tvmb6dHbBRUrZIpuihXKA%2C%2C.-4TC2aOwKQ68e416m5clAhikfCs%2C
Request Chain 40
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Request Chain 41
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=419301798.84164991883755049.304036 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=419301798.84164991883755049.304036 HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=e330c04b-dea3-4b7e-bf6a-438dd4f0a607&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_5a70c2eb-e98b-4260-b67b-785e24f71eeb&bsw_param=e330c04b-dea3-4b7e-bf6a-438dd4f0a607&expires=10 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
Request Chain 42
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7038772573 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7038772573 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/19e8b32c-8184-4af2-85b7-bc7580dd7727 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-376acdc3-5507-46a4-89e4-19c62868c632-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-376acdc3-5507-46a4-89e4-19c62868c632-003 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-376acdc3-5507-46a4-89e4-19c62868c632-003
Request Chain 44
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Ffrancecoil85&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A790637425521%3Ahid%3A603935308%3Az%3A0%3Ai%3A20210922232440%3Aet%3A1632353080%3Ac%3A1%3Arn%3A114828792%3Arqn%3A1%3Au%3A1632353080310271983%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632353079519%3Ads%3A23%2C319%2C154%2C106%2C0%2C0%2C%2C127%2C4%2C%2C%2C%2C626%3Adsn%3A22%2C320%2C154%2C106%2C0%2C0%2C%2C22%2C5%2C%2C%2C%2C625%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632353081%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Ffrancecoil85&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A790637425521%3Ahid%3A603935308%3Az%3A0%3Ai%3A20210922232440%3Aet%3A1632353080%3Ac%3A1%3Arn%3A114828792%3Arqn%3A1%3Au%3A1632353080310271983%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632353079519%3Ads%3A23%2C319%2C154%2C106%2C0%2C0%2C%2C127%2C4%2C%2C%2C%2C626%3Adsn%3A22%2C320%2C154%2C106%2C0%2C0%2C%2C22%2C5%2C%2C%2C%2C625%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632353081%3At%3AAccount%20Suspended%20-%20Ask.fm
Request Chain 53
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3311340378148549493
Request Chain 58
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
Request Chain 80
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
Request Chain 90
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=RycPNHxpNUVyVnZsUGRnR3ppS3V3RXdIaU9Yb0tnOVlrOEkyeDVudzNnU2RiMHdUZ09kdktKcGRMc0lJVG5ibloyVXhZbnB4Q29CQWVicG9lK25hTnA2VTlITFVKbDZzL2sxRjhoNk94eVEvVHpnMVV4am5wVEJaRkFERFptVVZ5V2xINk1JQnEvNzlpc2Jrd3dSYUhsUFl5eVplWERWbG5TanZ0TnlvVjhjSjFqS0NkL05TamdNWThmbXo3QWdqdWhiblZIa2lUam11SFM0VG11Wk5MVGtrWk5ZU0RtNGxlOElZY2VwMzVOcmgvZThNPXw&cppv=2
Request Chain 106
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,, HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 117
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,, HTTP 302
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,,
Request Chain 132
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 133
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 137
  • https://c1.adform.net/serving/cookie/match?party=14&cid=453853BE-622D-4C70-AEBC-AD98526478D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=453853BE-622D-4C70-AEBC-AD98526478D1
Request Chain 138
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377988007333069753
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RThTvmItTHCuvK2YUmR40Q%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RThTvmItTHCuvK2YUmR40Q%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 141
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3df0614b-bb3a-4400-9cf5-acab53100f8d
Request Chain 142
  • https://pixel.onaudience.com/?partner=214&mapped=453853BE-622D-4C70-AEBC-AD98526478D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDUzODUzQkUtNjIyRC00QzcwLUFFQkMtQUQ5ODUyNjQ3OEQx&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDUzODUzQkUtNjIyRC00QzcwLUFFQkMtQUQ5ODUyNjQ3OEQx&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJH7b30vTh0uCVEX7_hqgZc&google_cver=1
Request Chain 146
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=19e8b32c-8184-4af2-85b7-bc7580dd7727
Request Chain 147
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5121012387558385027
Request Chain 148
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:230b614b-bb39-4300-b04d-1511c93daab7&gdpr=0&gdpr_consent=
Request Chain 149
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7636156164787956838&gdpr=0&gdpr_consent=
Request Chain 150
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1
Request Chain 169
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010903107011868822
Request Chain 170
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDSGMwN0NsM1lBQUFoWGt3dFJSdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 171
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=453853BE-622D-4C70-AEBC-AD98526478D1&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=453853BE-622D-4C70-AEBC-AD98526478D1&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=453853BE-622D-4C70-AEBC-AD98526478D1&addseg=19,36,42
Request Chain 172
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=453853BE-622D-4C70-AEBC-AD98526478D1&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=453853BE-622D-4C70-AEBC-AD98526478D1&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 174
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=453853BE-622D-4C70-AEBC-AD98526478D1 HTTP 302
  • https://a.audrte.com/p
Request Chain 175
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=453853BE-622D-4C70-AEBC-AD98526478D1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=453853BE-622D-4C70-AEBC-AD98526478D1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ema40KJE2uVtGrTJ.lnwbAryE8FbFwM-~A&gdpr=0&gdpr_consent=
Request Chain 177
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=875739029850004032&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e330c04b-dea3-4b7e-bf6a-438dd4f0a607&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 179
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YUu7OwADldn0ewAR HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUu7OwADldn0ewAR&gdpr=0&gdpr_consent=&_test=YUu7OwADldn0ewAR
Request Chain 180
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2518706843731342197&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 181
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 182
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8adb45b7-4333-46c1-98a0-198a286cc8fc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 194
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 195
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-376acdc3-5507-46a4-89e4-19c62868c632-003&rndcb=3064578312 HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=adconductor&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=adconductor&gdpr=1&user_id=-8Rygq-XdYHgwX7R_Jdr2a-QcdPglHbSqMNXhRmq
Request Chain 198
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=a9oCQGlL7RfDx96AlSbvXhu8
Request Chain 199
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 200
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04bcb178-9cdd-4520-a8ea-d4849b09b8df-tuct84540bc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 202
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7636156164787956838
Request Chain 227
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 228
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=e330c04b-dea3-4b7e-bf6a-438dd4f0a607 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=e330c04b-dea3-4b7e-bf6a-438dd4f0a607 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=05865562-f166-4d74-b724-1e510ee18879&ssp=between&expires=30&user_group=5&bsw_param=e330c04b-dea3-4b7e-bf6a-438dd4f0a607 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
Request Chain 229
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=Mml1rvnRJE8.AikABlF8D9Nlzg
Request Chain 230
  • https://sync.bumlam.com/?src=bw1&uid=3ace5b13-1f9d-510a-ada6-7ea4ccedc59d HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi89q6KBlIFvp7KygpiJDNhY2U1YjEzLTFmOWQtNTEwYS1hZGE2LTdlYTRjY2VkYzU5ZA** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi89q6KBlIFvp7KygpiJDNhY2U1YjEzLTFmOWQtNTEwYS1hZGE2LTdlYTRjY2VkYzU5ZKIBEEU8Vb4b_BHshuAAJZDAZHw* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABi89q6KBmIkM2FjZTViMTMtMWY5ZC01MTBhLWFkYTYtN2VhNGNjZWRjNTlkogEQRTxVvhv8EeyG4AAlkMBkfA** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARi89q6KBmIkM2FjZTViMTMtMWY5ZC01MTBhLWFkYTYtN2VhNGNjZWRjNTlkogEQRTxVvhv8EeyG4AAlkMBkfA** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=453c55be-1bfc-11ec-86e0-002590c0647c
Request Chain 231
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=cf49f7aed0b0044759579798
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YUu7PDFHrsWDWEQng1By6AAABK8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKNkQ6hQn_d53MTHkTxBuxY&google_cver=1
Request Chain 236
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUu7PDFHrsWDWEQng1By6AAABK8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUu7PDFHrsWDWEQng1By6AAABK8AAAAB&dcc=t
Request Chain 238
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YUu7PDFHrsWDWEQng1By6AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHHcj_ZTyDWN74UsEbw7OaU&google_cver=1&gdpr=1
Request Chain 239
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6856394842015386902&uid=Q6856394842015386902&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 240
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4307ec3c-db09-48c2-bf06-76aeaa61b3a5&expiration=1663889085
Request Chain 244
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ym2eS9hE2uHNM7KHG1jnKHR7.E9wcM32q7l1dB8-~A
Request Chain 245
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cf49f7aed0b0044759579798
Request Chain 246
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-376acdc3-5507-46a4-89e4-19c62868c632-003&rndcb=3434185476 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e330c04b-dea3-4b7e-bf6a-438dd4f0a607&google_hm=ZTMzMGMwNGItZGVhMy00YjdlLWJmNmEtNDM4ZGQ0ZjBhNjA3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEG1_trK-zeNWJzB7eM4nkkQ&google_cver=1&ssp=adconductor&bsw_param=e330c04b-dea3-4b7e-bf6a-438dd4f0a607 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/e330c04b-dea3-4b7e-bf6a-438dd4f0a607?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-376acdc3-5507-46a4-89e4-19c62868c632-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-376acdc3-5507-46a4-89e4-19c62868c632-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-376acdc3-5507-46a4-89e4-19c62868c632-003
Request Chain 247
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7636156164787956838
Request Chain 248
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=46bfd5b7-139e-46f5-a8b4-20e8c9e3df44
Request Chain 249
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=060d8968-fd4b-4137-9107-abbbd6ab2e42
Request Chain 250
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 252
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7636156164787956838
Request Chain 253
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP453c7018-1bfc-11ec-b823-02d121a62cd4 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP453c7018-1bfc-11ec-b823-02d121a62cd4
Request Chain 261
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3df0614b-bb3a-4400-9cf5-acab53100f8d&gdpr=1&gdpr_consent=
Request Chain 262
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2518706843731342197
Request Chain 264
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YUu7PDFHrsWDWEQng1By6AAA%261199?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YUu7PDFHrsWDWEQng1By6AAA%261199?gdpr_consent=&us_privacy=&gdpr=1
Request Chain 265
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6fd15022-8490-46a7-b109-2f7efe80b185
Request Chain 266
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=NKSuwpdrS0JncvTc5evsKYjzxlU
Request Chain 268
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D7absBiISqtshCr1N-La1YjzxlU
Request Chain 269
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2u4omhjK1MtbBy5&gdpr=0&gdpr_consent=
Request Chain 271
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A8C392066AB6478785FFF212652982AF
Request Chain 273
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=45744966-1bfc-11ec-98c4-1112683929aa&gdpr=0&gdpr_consent=
Request Chain 276
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=e330c04b-dea3-4b7e-bf6a-438dd4f0a607 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk30b3deb7-33ac-4f8c-bc1f-1ee58c550adc&expires=7&user_group=5&ssp=between&bsw_param=e330c04b-dea3-4b7e-bf6a-438dd4f0a607 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
Request Chain 287
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
Request Chain 290
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=453c55be-1bfc-11ec-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=453c55be-1bfc-11ec-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=PnH0LS5CiWZEC6ONmwVlMA& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=PnH0LS5CiWZEC6ONmwVlMA&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=PnH0LS5CiWZEC6ONmwVlMA&extra2=aidata&google_gid=CAESELXLyTDX1-tsZJMBUgLvRdQ&google_cver=1 HTTP 301
  • https://sync.bumlam.com/?src=ggl&extra1=PnH0LS5CiWZEC6ONmwVlMA&extra2=aidata&google_gid=CAESELXLyTDX1-tsZJMBUgLvRdQ&google_cver=1 HTTP 302
  • https://an.yandex.ru/setud/adsniper/fe1dafd4982a309e?sign=3279833605
Request Chain 292
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1985563784&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1985563784&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=9a7daa03-3f90-42c2-85a9-e941c9f77f00&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0NS40OTY4MjY6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPTlhN2RhYTAzLTNmOTAtNDJjMi04NWE5LWU5NDFjOWY3N2YwMA==
Request Chain 293
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1184215378&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1184215378&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=766d7f3d-a40c-495b-bfb0-40813e2c0719&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0NS4zNzUwMDA6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPTc2NmQ3ZjNkLWE0MGMtNDk1Yi1iZmIwLTQwODEzZTJjMDcxOQ==
Request Chain 296
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1530863467&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1530863467&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=3306de59-3a99-458d-8dfc-d571df1b19b7&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0Ny4zMzQ5NjE6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPTMzMDZkZTU5LTNhOTktNDU4ZC04ZGZjLWQ1NzFkZjFiMTliNw==
Request Chain 297
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=26848116&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=26848116&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=8aac3a0a-786b-4233-915c-9c0594160313&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0Ny42MDgxNTQ6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPThhYWMzYTBhLTc4NmItNDIzMy05MTVjLTljMDU5NDE2MDMxMw==
Request Chain 304
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1211625530&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1211625530&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=a133a4e7-465e-48c6-abdf-0a1f29c79316&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU1Mi42MDcxNzg6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPWExMzNhNGU3LTQ2NWUtNDhjNi1hYmRmLTBhMWYyOWM3OTMxNg==

319 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set francecoil85
ask.fm/
13 KB
15 KB
Document
General
Full URL
https://ask.fm/francecoil85
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.140 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
56db5359eda573e81167aabe658fbc2c7ec3a9678d640f9fd7e356bca080c74d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
ask.fm
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Status
410 Gone
Cache-Control
no-cache
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Date
Wed, 22 Sep 2021 23:24:39 GMT
Set-Cookie
locale=de; path=/; expires=Fri, 23 Sep 2022 05:24:39 GMT uuid=32c41fc8-bdf5-4dd5-8592-9237e7aa5f39; path=/; expires=Fri, 23 Sep 2022 05:24:39 GMT; secure; HttpOnly country=DE; path=/; expires=Fri, 23 Sep 2022 05:24:39 GMT _m_ask_fm_session=VHgrVGpWZ0hJa3I0OEhGR1ZyUXh3akI4Mlg3aGJZcThkeHhLR0FHT0tDckhLRGZzZDNMQk1DRlZUQkNDU1VlRmF2YkJIM1d0NGhrdE1TVzJ6Vi94WEZLVS9lQjRFakp2NEkvY2JsTk81K1R2NDlReG1BdzBWYUhHZ3dhdTNKOGVBaEdhTHgzeHFwSFl2SUUrZURpTDRraEcvV0lDaE5CcWtpeWtkVytNZjduWWNmQ3FtMzVWYjM3bmVzOVFLMTJTY1JFSHh4SXRtb3hVM211dWZWQ2hiNVI4a2tYS3Z6WFJQejlReEdnUjdYcEJPQncwV1ZiNXZEWWxvMWh3VSs2MC0tQWxRek5YcjhzS0JBUGo1OXd2N1BnUT09--8c5bdc40ce3814a4628afe7ce6b2b356ef3e20e5; path=/; expires=Sat, 25 Sep 2021 23:24:39 GMT; secure; HttpOnly
Server
Ask.FM Web Service
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security
max-age=63072000
application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
d3r6ceqp4shltl.cloudfront.net/assets/
205 KB
44 KB
Stylesheet
General
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
f35eb63af5172e2882f9880d0668b3517869ae1dcf15cec3b5b4ebd506ffb544
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:00:24 GMT
content-encoding
gzip
vary
Accept-Encoding
age
224656
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
access-control-allow-origin
https://ask.fm
last-modified
Mon, 20 Sep 2021 08:56:03 GMT
server
Ask.FM Web Service
etag
W/"61484ca3-33492"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
QLHM1IPypS1-xVVpNk3-FbfN3euHkDS1aiHVC7E2tB3_YcvR5u5s3g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
d3r6ceqp4shltl.cloudfront.net/assets/
216 KB
68 KB
Script
General
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
68bbd771eecb76f98639a65674facba6df78abad6550a712aff0d30fefe11c71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:00:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
224657
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
access-control-allow-origin
https://ask.fm
last-modified
Mon, 20 Sep 2021 08:56:04 GMT
server
Ask.FM Web Service
etag
W/"61484ca4-35fe0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
_9MZdQvhiuzh2NR93_qpDHHpJufErpYHfijCJmk2GQCQhfFIJOpTzg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
askfm_4249.js
ads.vidoomy.com/
6 KB
6 KB
Script
General
Full URL
https://ads.vidoomy.com/askfm_4249.js
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
7cb4560c15852d4f239dbe2b2fb095b3e1dcd15086b7a4307d42ae1e6c20c139

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:40 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5794
account-suspended.gif
d3r6ceqp4shltl.cloudfront.net/images/errors/
380 KB
381 KB
Image
General
Full URL
https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 15:38:28 GMT
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
age
3051972
x-cache
Hit from cloudfront
content-length
388641
last-modified
Wed, 18 Aug 2021 12:19:47 GMT
server
Ask.FM Web Service
etag
"611cfae3-5ee21"
strict-transport-security
max-age=63072000
content-type
image/gif
cache-control
max-age=315360000, public
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
1ITEngjgBUjSp8d2VJN3jfC3ixsmUMXt91MS2D5xYuvh0WOZMFvsjw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
colossalcoat.com/
103 KB
30 KB
Script
General
Full URL
https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
de69013632e3fa8cedea3a81fdeb42add94c60cd24b30f5bde0c289b0f6f549c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"7796c0b3069549379f0bb7e2e12b057a0e4c4c779190a66b7178ee145e3c6d43"
vary
Accept-Encoding, Accept-Language
x-hostname
0586a9fb
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 22 Sep 2021 23:24:40 GMT
timing-allow-origin
*
scripts
esputnik.com/scripts/v1/public/
36 KB
11 KB
Script
General
Full URL
https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWFlYmU1M2QxYjUyMDE3MzM0OWZhOTIxZGExMGU3OWRmYzEwMDRmMjJhOGU1MzE1ZmJlYTIyZTBhMDMzY2FhODU3ZDgzNTY1MGFhYTM0NjEwNjUzNGMxZTcyMjRhOTU2ODVlYmQ0N2JkZDhlYjZkNmIyMDc0NWFhNDY3YjIyMWI0ODI0NTE2MGY4ZmU1OTY5MDU3In0.G6LVcfCiI7Js2CYtqG0BsrNJdgaviLhvqlodAVkkBkzVwQmSlSOsrIkTvP_QNoXGzaogwOdqcjtaXPMKvwWD0A&domain=1152F29B-9126-4F22-869C-ECC03B33FB2B
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:ac8:b920:9466:f230:a20d:7fc0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0df33bbf056c61ab7c3c2d0bbfe612a27d73899ff4e9379a65592d3894209531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 23:24:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Wed, 22 Sep 2021 23:29:40 GMT
tag.js
mc.yandex.ru/metrika/
191 KB
65 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8a9820e7a05173822b9285ee2c2815e16b058bd2c40bc7ca8ba5387f7a6840ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 17:36:09 GMT
etag
"614b3f59-1031b"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66331
expires
Thu, 23 Sep 2021 00:24:40 GMT
1012352.jpg
d16vsmxl4d5tw1.cloudfront.net/355/d88f5/a692/4d1c/8fd9/9b6de4a31224/thumb/
5 KB
5 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/355/d88f5/a692/4d1c/8fd9/9b6de4a31224/thumb/1012352.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32303ccaadd9a7b47bc29334d09dee7bce4f405625148103fae44e831fee6384

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 02:17:19 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Mon, 21 Jan 2019 14:20:31 GMT
server
AmazonS3
age
76041
etag
"42d6b4a444f21603cbf57f7b95939e43"
x-edge-origin-shield-skipped
0
x-amz-version-id
tJPLFlrYgzX2qnhzdCBxQhhLfcJ60wM5
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
4954
x-amz-cf-id
fz_8Gvw-dUB3otO9Ol7RP6BMLt8biY7UwHOncKGfU4hI2gKI0Hk90w==
81604.jpg
d16vsmxl4d5tw1.cloudfront.net/f96/40637/cc56/4a02/afeb/3538926436ac/thumb/
2 KB
3 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/f96/40637/cc56/4a02/afeb/3538926436ac/thumb/81604.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1333d06c7b7c309055933a296cbcc51db3e0ac6455aa893499b44e90a4f8660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:04:43 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Mon, 13 Aug 2018 12:26:44 GMT
server
AmazonS3
age
4798
etag
"90c68a5f3a4e28947054805b7bccf399"
x-edge-origin-shield-skipped
0
x-amz-version-id
kjy5F_OfwWs5LSBu3a.fYJYrI3N4BzjO
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
2474
x-amz-cf-id
xVfUnM_Ithus_VC9RUxzduZj43ydAkE8gBRy5__J-uWj8utoUpn5Hg==
10074.jpg
d16vsmxl4d5tw1.cloudfront.net/0fe/86202/b4bc/4b12/961f/952d680d9000/thumb/
3 KB
3 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/0fe/86202/b4bc/4b12/961f/952d680d9000/thumb/10074.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57018bdfea5f2c7c7e38e3aac19da8880512db7f1f121b21fed1ea41e3021b58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:05:03 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Sun, 21 Oct 2018 15:29:04 GMT
server
AmazonS3
age
4778
etag
"54d6facc606174d6928c10bfaee7d414"
x-edge-origin-shield-skipped
0
x-amz-version-id
UE_V7Tw_bSFzPOfzIfMXDlts4Y0IPzRE
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
3102
x-amz-cf-id
4eoYyMt9VSWEvbu9fnpEYJzp0JqU7_tb6zkHuXOhosvNUVHHtbx_WQ==
991735.jpg
d16vsmxl4d5tw1.cloudfront.net/1e0/80e25/2305/4a90/922d/3117578b2f49/thumb/
2 KB
2 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/1e0/80e25/2305/4a90/922d/3117578b2f49/thumb/991735.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0453226709ae7d3bc65bc7fe005bc6bd69bf17590c3b0396d6bf64a016226b44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:45:26 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2018 02:17:20 GMT
server
AmazonS3
age
2355
etag
"5b0ee2bb95c549cc865d0c2f18fab49d"
x-edge-origin-shield-skipped
0
x-amz-version-id
XEi3OEaqgMn2esST5v_INGYEZUZz0tDO
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
1806
x-amz-cf-id
bsxtShYE4KJfYaacJihn9PqRoiukAGxEX_o1DX6-kWmT1P-W0MUXEQ==
153129.jpg
dbq8hrmshvuto.cloudfront.net/c8d/86792/78af/4eeb/beec/0acee2cd64b2/thumb/
3 KB
4 KB
Image
General
Full URL
https://dbq8hrmshvuto.cloudfront.net/c8d/86792/78af/4eeb/beec/0acee2cd64b2/thumb/153129.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:b200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae85aa49d4acbc64c9b1b76252d301ce65961fe727c4b6b78e43ab5e16f9c440

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:28:46 GMT
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
last-modified
Thu, 26 Mar 2020 23:57:11 GMT
server
AmazonS3
age
3355
etag
"2d0cfc53635e5c5d6dcdf500f4cc70a8"
x-edge-origin-shield-skipped
0
x-amz-version-id
ZTVDfOXE9e0sUdGrWSEbxgPDZw6AISpC
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
3298
x-amz-cf-id
ofCLmgjoacnY1nTpMvgLpFd1RRpqD-MGsms3RF69SpCo9on7ObZRAw==
91078.jpg
d16vsmxl4d5tw1.cloudfront.net/10b/53eeb/1f78/4f3c/96b0/a448d936fb70/thumb/
3 KB
4 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/10b/53eeb/1f78/4f3c/96b0/a448d936fb70/thumb/91078.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c5025aec0774ec6504613b641c28ea07a125675ed934e842b55512705d1953e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:51:58 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Sat, 20 Jul 2019 02:14:17 GMT
server
AmazonS3
age
1962
etag
"7425929cb543a1a203401ba903defe52"
x-edge-origin-shield-skipped
0
x-amz-version-id
T15oRArfjGV19hCYRhnAeik.aCNROjX6
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
3465
x-amz-cf-id
RRVd2UgZ4Z8t2t_3h0Ip3IWUodfruyTkL-oBeVoY-Jw29HT8fdEzDg==
65904.jpg
dbq8hrmshvuto.cloudfront.net/2cb/ace25/ffb5/4af6/8cd8/1884967defa2/thumb/
6 KB
7 KB
Image
General
Full URL
https://dbq8hrmshvuto.cloudfront.net/2cb/ace25/ffb5/4af6/8cd8/1884967defa2/thumb/65904.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:b200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d686d177219cc6723399b79208b78f7d3d39403d39ee4ad9bcdb69227613598

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:59:59 GMT
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
last-modified
Mon, 11 May 2020 18:19:49 GMT
server
AmazonS3
age
12282
etag
"cd5192f64a4a712a2501c685b0353486"
x-edge-origin-shield-skipped
0
x-amz-version-id
kzmcqJTucnUaSHjMW4lFdRRpPruk.9cF
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
6565
x-amz-cf-id
2DfCckctZO2EfddVc-zvsX5YOhA2xiMfdOiwX5C4Y1yvUQ9MkBJI7A==
50982.jpg
d16vsmxl4d5tw1.cloudfront.net/066/7b080/0ac0/4c09/8616/c7da18d5053d/thumb/
3 KB
3 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/066/7b080/0ac0/4c09/8616/c7da18d5053d/thumb/50982.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f155465a57aa2c4f24e404151482ddd419ef393fa2ce9894402ad10d5c240fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:04:43 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Sun, 29 Apr 2018 04:43:47 GMT
server
AmazonS3
age
4798
etag
"f1b56d43540c5b14474f26ae151d2ea4"
x-edge-origin-shield-skipped
0
x-amz-version-id
7bCW_CHXCLvykWqDYiOHbxZmOqQBmTlP
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
2793
x-amz-cf-id
qbR8PM-jxO5PYZ4KSkMom-Q_4Tv36XheHiyVnmyfN2PLHbREk0jdxQ==
43159.jpg
d16vsmxl4d5tw1.cloudfront.net/fc9/b9abf/357f/4f34/839a/eaf11f6865f8/thumb/
4 KB
4 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/fc9/b9abf/357f/4f34/839a/eaf11f6865f8/thumb/43159.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8b5778c20e28c6fd30311dcb2028a7025cbd8c1dfcab239c384c56788cad59d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:55:26 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jun 2019 17:59:39 GMT
server
AmazonS3
age
5355
etag
"3d49e113f624093063b1e080f0a9ef72"
x-edge-origin-shield-skipped
0
x-amz-version-id
M2iCVuUikCVLq7jmK8.PWTuCQWVQMes9
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
3744
x-amz-cf-id
GrZGMm7Mfk0edSvFICbZTAcvWvJu5ZdLQdHVvKrbXlhafRlp-PBNhA==
19586.jpg
d16vsmxl4d5tw1.cloudfront.net/42e/7a334/0a16/42f8/ab5d/d63f59b5f81d/thumb/
2 KB
3 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/42e/7a334/0a16/42f8/ab5d/d63f59b5f81d/thumb/19586.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bba4b0aa8b59105315db5767384353a717d2d7b11ce667bfe579c5f3a0e8f6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 07:07:08 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jul 2019 02:55:06 GMT
server
AmazonS3
age
58653
etag
"37a7ec3822b3c5db54ca011f08cf2765"
x-edge-origin-shield-skipped
0
x-amz-version-id
o27e5pNQx11dpQ8Yn..Z8ma.okFNfIBX
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
2453
x-amz-cf-id
dZhQ1KvbBbF7SO8ojfIm0lnsKUJwyk3LYLn9ATrMnQkheftYIMn1KQ==
202325.jpg
d16vsmxl4d5tw1.cloudfront.net/e6f/dcda3/4b9a/4a8b/90ed/f38437132912/thumb/
5 KB
5 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/e6f/dcda3/4b9a/4a8b/90ed/f38437132912/thumb/202325.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98ebc5056d4a6a2df96e2494f95e23b1c8c4f8835b0d981464797e1a1d25517f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 07:34:35 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Wed, 26 Dec 2018 20:42:38 GMT
server
AmazonS3
age
57006
etag
"1ed48bcb956b3e439cac46750019f1a2"
x-edge-origin-shield-skipped
0
x-amz-version-id
YVVtvbSa8VZXl23BiT5g37dRfIGIwrzD
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
4620
x-amz-cf-id
PflkC3qz_7Yqcqcwy8jrlT_ooz5HSPezqqjLS8xibViZ5NSoOQxZUw==
87612.jpg
d16vsmxl4d5tw1.cloudfront.net/c7e/0278e/d608/4824/b574/cdd7a54688da/thumb/
2 KB
2 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/c7e/0278e/d608/4824/b574/cdd7a54688da/thumb/87612.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b96436cae2acbe0c0bb91cab4ae9f63ba699afa4b81b8fcba9789caae688b88e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 08:03:35 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Sat, 01 Dec 2018 05:18:45 GMT
server
AmazonS3
age
55266
etag
"4462509e6dd395d4504ef0472ad176fe"
x-edge-origin-shield-skipped
0
x-amz-version-id
4rgTsjO5xRrB73lYtDK5ZzDOHo3kZEAG
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
1927
x-amz-cf-id
jlLfrHbiAOzl26WKL1BxERiATmJDy_bHdWGDLZzvPg2JmnZn5KfyUA==
133282.jpg
d16vsmxl4d5tw1.cloudfront.net/35e/218b1/1136/4df8/9f9d/a817d99e1262/thumb/
5 KB
6 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/35e/218b1/1136/4df8/9f9d/a817d99e1262/thumb/133282.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5818cd490a65e90196944d943da9e0778cba66c35eb65fdc90591d3dff41bd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:57:58 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jun 2018 17:51:49 GMT
server
AmazonS3
age
5202
etag
"b7a41d78c90e2377898bb99a9bd6281f"
x-edge-origin-shield-skipped
0
x-amz-version-id
E9ppTEX3wl4lr0bxz0IB3YeI.GhYefaV
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
5416
x-amz-cf-id
d86g1NcoL6odjSeY0ORKqURDUKlytwp07LRwYEfRGhbSnmFxLfK3Gg==
244886.jpg
d16vsmxl4d5tw1.cloudfront.net/e0a/4ac0d/47e4/48f8/bde8/771b0513cb5d/thumb/
6 KB
7 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/e0a/4ac0d/47e4/48f8/bde8/771b0513cb5d/thumb/244886.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15c441afe891dac008a38a4b2c7a38cfb08b20ba3f54eff52171314d0f806b97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:08:38 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Sat, 29 Dec 2018 17:23:30 GMT
server
AmazonS3
age
4563
etag
"13849ff52bf631118b9b79050f6dc89f"
x-edge-origin-shield-skipped
0
x-amz-version-id
Rbtst4mRWpCdTEWlxcPC3XlyVJgTR6Su
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
6444
x-amz-cf-id
5lKegsb3_X6ZcabQNmdzFlx6GyDzrtK-ke1S1UrzYsqlOYoewtSBUg==
53822.jpg
dbq8hrmshvuto.cloudfront.net/c1b/3ad73/7a7b/4f95/b128/bfccb3f8f4b0/thumb/
2 KB
3 KB
Image
General
Full URL
https://dbq8hrmshvuto.cloudfront.net/c1b/3ad73/7a7b/4f95/b128/bfccb3f8f4b0/thumb/53822.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:b200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2e49befdf2448b77fbb6122a7168995c325fd7c9f2edf7251f643eb6b388f6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:55:13 GMT
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
last-modified
Sun, 10 May 2020 18:42:40 GMT
server
AmazonS3
age
5368
etag
"f401b96c731b21e5580632d14cb5abff"
x-edge-origin-shield-skipped
0
x-amz-version-id
H4ws2iLj.9.WOp71wDDPzVoX7Yf2pWhT
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2224
x-amz-cf-id
U3459ZLjT6l9mUkWKS4DF6s9ctq-H7BkwNCamcRidiA1CAVXYbhwcw==
290775.jpg
d16vsmxl4d5tw1.cloudfront.net/28a/e17bd/fad6/46ba/badb/10c638b49ca1/thumb/
2 KB
2 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/28a/e17bd/fad6/46ba/badb/10c638b49ca1/thumb/290775.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d3e882427c0e2024329dcdf2db8bf2f25aaf5b0f89f9ec59323dcd2a76dc2db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:06:52 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Fri, 11 May 2018 11:15:21 GMT
server
AmazonS3
age
1069
etag
"85fa6273a6c7b81daa484f7a05174dff"
x-edge-origin-shield-skipped
0
x-amz-version-id
TSqFFlsngopP5FUsKqFIyBosY9w5fDPq
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
1741
x-amz-cf-id
FAIVfF3B0UBjpAOB_IfHFb4swvCvwaHP7lOQA1ivnweLY3PEK0VQ4Q==
606956.png
d16vsmxl4d5tw1.cloudfront.net/b1f/68485/b564/4330/b25c/932929659b49/thumb/
5 KB
5 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/b1f/68485/b564/4330/b25c/932929659b49/thumb/606956.png
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
777b5a7942082fbcc8bf04339c0cbb8dfa861c02d2efd413cff931b8d6d0c51b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:55:27 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Sun, 27 May 2018 23:34:46 GMT
server
AmazonS3
age
5354
etag
"26e568d69e86685f1f75f14bdd637c0e"
x-edge-origin-shield-skipped
0
x-amz-version-id
_dHK8vf8idhZLqerLm98mHCC0GvbRrb2
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
4770
x-amz-cf-id
aGdqqF3QcqZwzcTPk4-syL7W9L1C5XjJyquuPpzS2JJuiBI5OpOEOQ==
45087.jpg
d16vsmxl4d5tw1.cloudfront.net/9a0/9872f/c2c7/4c75/9f61/7df3bedf745b/thumb/
2 KB
3 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/9a0/9872f/c2c7/4c75/9f61/7df3bedf745b/thumb/45087.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7e29017de0f9ded0d6919e5995b51dfb18cfd91f1100b410124bcf97d39b780

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:57:33 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Mon, 22 Oct 2018 11:06:22 GMT
server
AmazonS3
age
5228
etag
"22ee20377a7e4f2a67bdcbf75d6734e4"
x-edge-origin-shield-skipped
0
x-amz-version-id
4Z8bxhdelXy2hMG6aGnR5PMB8fk92O.6
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
2219
x-amz-cf-id
uoxXF45CJwv8EhfFVocFWAYtvNY5WZph7T2X8F0UyLUuMvaSE30-4g==
487004.jpg
d16vsmxl4d5tw1.cloudfront.net/407/acf96/a572/4222/bb09/81f48a14aee0/thumb/
3 KB
3 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/407/acf96/a572/4222/bb09/81f48a14aee0/thumb/487004.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35a151bdd06b1ff2746faf02664bf25f5e1a59015a0253d77cbce9f0725be843

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:28:34 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Sat, 08 Dec 2018 05:23:18 GMT
server
AmazonS3
age
3367
etag
"a7e90429af8c05d9ec725051182afffe"
x-edge-origin-shield-skipped
0
x-amz-version-id
GT0veKMGFzncAheYEO6QY9pzDw6ehzGo
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
2736
x-amz-cf-id
SQ4ZU3kV4AUp4pf5Dia3-abvpe7xOo4AVoucJPPNTiUD5yshiOrYXQ==
8163.jpg
dbq8hrmshvuto.cloudfront.net/204/a0cc5/be8b/49cd/8c09/bc8aeb1e9131/thumb/
6 KB
6 KB
Image
General
Full URL
https://dbq8hrmshvuto.cloudfront.net/204/a0cc5/be8b/49cd/8c09/bc8aeb1e9131/thumb/8163.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:b200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06ab2c1c3e2f2494ae924555e59993dd56c8abb4a5abf2dc40193986f085ab0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 11:03:31 GMT
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
last-modified
Mon, 01 Jun 2020 12:35:18 GMT
server
AmazonS3
age
44470
etag
"0817e7f8e56a2707989c07112aec76b4"
x-edge-origin-shield-skipped
0
x-amz-version-id
bmPVH.64_8eGvdI9jExWFXV1Nr_xueL3
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5667
x-amz-cf-id
tyM_GD29awp9idqWep6DLbStAS6YF0DRsktnyzyvKwjwpD6V6EROAA==
115780.jpg
d16vsmxl4d5tw1.cloudfront.net/93b/73004/f240/4a12/8bcd/d239dd8d89ed/thumb/
3 KB
4 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/93b/73004/f240/4a12/8bcd/d239dd8d89ed/thumb/115780.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cede43a773a43b17bcce6ed2367c3869fe530ea19099336375bae0dec7d3916a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:55:43 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Sat, 27 Oct 2018 02:38:40 GMT
server
AmazonS3
age
5338
etag
"897d405b7cdcbd2e6249262950757c6d"
x-edge-origin-shield-skipped
0
x-amz-version-id
i7rv5STwxfeCcZk_P7FUDR6veV0X3Nhu
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
3163
x-amz-cf-id
nwG-4pJHhJUfx5FmcBGnhoTcFUXf0lbMxhkYmEdOGeoIGfSyrzag9w==
271741.jpg
d16vsmxl4d5tw1.cloudfront.net/c2b/e3999/a231/4b6f/8f70/40096863f3cc/thumb/
2 KB
3 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/c2b/e3999/a231/4b6f/8f70/40096863f3cc/thumb/271741.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1bb7130be997a146f6c1b497f88c741747fbcd102efd919bfb9049828c42de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 10:56:22 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Thu, 10 May 2018 11:33:28 GMT
server
AmazonS3
age
44898
etag
"4b8c753d2951bc7e8b1fc8dde727bfff"
x-edge-origin-shield-skipped
0
x-amz-version-id
4CLZd87Ifk3w2Lqn5.l0.PMbWuZYJ0Bm
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
2475
x-amz-cf-id
cU-pqpqFtI-3cO6e_-c3STV4hqAydckh237ToGJsX4jRwES0cnlcIQ==
1381827.jpg
d16vsmxl4d5tw1.cloudfront.net/149/0114c/37bc/422e/bd7e/da5c9e9742b5/thumb/
4 KB
4 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/149/0114c/37bc/422e/bd7e/da5c9e9742b5/thumb/1381827.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a23127d32a72715f9b5b0b80166f174cfc9dbc260e2f74b3ba0409eef0775f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 02:50:45 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Sun, 23 Dec 2018 15:54:47 GMT
server
AmazonS3
age
74036
etag
"fcf4ca0fe54f269a3a79ea8f660f0fb6"
x-edge-origin-shield-skipped
0
x-amz-version-id
9FiotQG3j4A69VNYjjTdSXI34FPBSSWF
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
4047
x-amz-cf-id
MMJsyKw2Ht_wX0xgCO2bGynrsZ4H7e3-XE9mpQyeKVb9xQgGxCO0RA==
4904.png
d16vsmxl4d5tw1.cloudfront.net/270/83495/15f0/45b0/8fdd/550dcae163d9/thumb/
17 KB
18 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/270/83495/15f0/45b0/8fdd/550dcae163d9/thumb/4904.png
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53772b3cc2cd0066aadb4d6a62462fe9feead36293fb78729a84bef8ed1b9144

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 21:56:31 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Mon, 06 Aug 2018 20:22:52 GMT
server
AmazonS3
age
5290
etag
"7547e7f1f389aa4dd5b582859013efb2"
x-edge-origin-shield-skipped
0
x-amz-version-id
2M3UFeeHt8obN4eI6MAMp511sMAQcMi4
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
17599
x-amz-cf-id
MNPBNfgQ3tHfPJA53vrse2o0AL6q0SvXv4S41OXog4cBdAdwbnrmrA==
6239.jpg
d16vsmxl4d5tw1.cloudfront.net/430/7636d/7a1a/4b15/a390/980882da0fa8/thumb/
4 KB
5 KB
Image
General
Full URL
https://d16vsmxl4d5tw1.cloudfront.net/430/7636d/7a1a/4b15/a390/980882da0fa8/thumb/6239.jpg
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:0:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
888568d90e0919bf891083279832a974635909bf86acf91270ec02ccad5323aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:55:08 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
last-modified
Mon, 22 Apr 2019 22:14:31 GMT
server
AmazonS3
age
8973
etag
"cd803e99bced2da0bf0f001b44e05b2a"
x-edge-origin-shield-skipped
0
x-amz-version-id
hRjWm7n1gInRRbtkYkaVMAQL5kUlyRb9
x-amz-storage-class
REDUCED_REDUNDANCY
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
4224
x-amz-cf-id
35MX9eputP5T8wHQu8E3PxsdReg0e3aBEABKTVGu90qKhMJbwOwBoQ==
fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2
d3r6ceqp4shltl.cloudfront.net/assets/
17 KB
18 KB
Font
General
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-6de8dcc952e62df3b6c6537122b71ee61f92674b1ae412f27efae801f9d65884.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
age
1075831
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
17880
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-45d8"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
vqr2v1m1CqhxrIKiC9zQIoVz1VW5_5A9DgbDlPPVAEMDml29Idxnmg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2
d3r6ceqp4shltl.cloudfront.net/assets/
25 KB
25 KB
Font
General
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-a2a83f94ebfbd8389d8941dd31fce0d6de92ab5054d892a53d3cf495980ce7de.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
age
1075831
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
25400
last-modified
Fri, 10 Sep 2021 12:31:22 GMT
server
Ask.FM Web Service
etag
"613b501a-6338"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
ouYMlt4zQYXbUXyNhEndX9U2H5b-ZR9x02Czn2jlBrp2Li8Q_qnYlQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2
d3r6ceqp4shltl.cloudfront.net/assets/
51 KB
52 KB
Font
General
Full URL
https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-160969822c078cfce7f0e80a45d30a168b9e4b202f5c2480a520bd09e47df7de.woff2
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-e431b1b76f357244f36acf55909bf2867bff80742139afe7b2313cff66aa5d39.css
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 12:34:09 GMT
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
age
1075831
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
52204
last-modified
Fri, 10 Sep 2021 12:31:15 GMT
server
Ask.FM Web Service
etag
"613b5013-cbec"
strict-transport-security
max-age=63072000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://ask.fm
cache-control
public, max-age=315360000, immutable
content-security-policy
frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
_YDVjdEViFl7fSKCB61iT_QU1IidrBW8g9sj6l7_zlUddsmWYPkEUQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
skeleton.gif
static.adsafeprotected.com/
43 B
259 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.141.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-141-213.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
nginx/1.16.1
age
18558990
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
43
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9404.sL5XyQcRcY18kO_aKdiq7Zx1H6C0eCrthg46vjfsbhwzFoDRjoADS6J9A46X5q-n.wrxX4RvgKQY7MwDRv8icleVhx1Q%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9404._fozvwKigEs6A9TfWYJsshu78BZ0hsz_wJQE1dhptiMhrdPNoJGLpexs5nVqnkH91Tvmb6dHbBRUrZIpuihXKA%2C%2C.-4TC2aOwKQ68e416m5clAhikfCs%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9404._fozvwKigEs6A9TfWYJsshu78BZ0hsz_wJQE1dhptiMhrdPNoJGLpexs5nVqnkH91Tvmb6dHbBRUrZIpuihXKA%2C%2C.-4TC2aOwKQ68e416m5clAhikfCs%2C
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9404._fozvwKigEs6A9TfWYJsshu78BZ0hsz_wJQE1dhptiMhrdPNoJGLpexs5nVqnkH91Tvmb6dHbBRUrZIpuihXKA%2C%2C.-4TC2aOwKQ68e416m5clAhikfCs%2C
date
Wed, 22 Sep 2021 23:24:40 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
last-modified
Wed, 22 Sep 2021 17:36:09 GMT
etag
"614b3f59-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 23 Sep 2021 00:24:40 GMT
formats.js
ad.lkqd.net/vpaid/ Frame B303
118 KB
35 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1632353080.cds056.fr8.hn,1632353080.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame FB6E
118 KB
35 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1632353080.cds056.fr8.hn,1632353080.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
cookie
a.vidoomy.com/api/rtbserver/ Frame 75DA
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
43 B
289 B
Document
General
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method
GET
:authority
a.vidoomy.com
:scheme
https
:path
/api/rtbserver/cookie?i=CEN&uid=no-consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-type
image/gif
content-length
43
content-encoding
none
set-cookie
vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzNDk0NTA4MH19fQ==; Path=/; Domain=vidoomy.com; Expires=Thu, 22 Sep 2022 23:24:40 GMT; Secure; SameSite=None
vary
Origin

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length
0
date
Wed, 22 Sep 2021 23:24:39 GMT
server
AC1.1
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=419301798.84164991883755049.304036
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=419301798.84164991883755049.304036
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=e330c04b-dea3-4b7e-bf6a-438dd4f0a607&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=vidoomy&user_id=csonata_5a70c2eb-e98b-4260-b67b-785e24f71eeb&bsw_param=e330c04b-dea3-4b7e-bf6a-438dd4f0a607&expires=10
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
43 B
319 B
Image
General
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
date
Wed, 22 Sep 2021 23:24:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7038772573
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7038772573
  • https://sync.1rx.io/usersync/tradedesk/19e8b32c-8184-4af2-85b7-bc7580dd7727
  • https://sync.targeting.unrulymedia.com/csync/RX-376acdc3-5507-46a4-89e4-19c62868c632-003?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3DRX-376acdc3-5507-46a4-89e4-19c...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-376acdc3-5507-46a4-89e4-19c62868c632-003
43 B
375 B
Image
General
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-376acdc3-5507-46a4-89e4-19c62868c632-003
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.90.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-90-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=RX-376acdc3-5507-46a4-89e4-19c62868c632-003
date
Wed, 22 Sep 2021 23:24:40 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX376acdc3550746a489e419c62868c632003
content-type
text/html
auto-user-sync
ads.stickyadstv.com/
43 B
600 B
Image
General
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:40 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1632353080316050-349
Expires
Wed, 22 Sep 2021 23:24:40 GMT
1
mc.yandex.com/watch/48953915/
Redirect Chain
  • https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Ffrancecoil85&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Ffrancecoil85&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%...
383 B
465 B
XHR
General
Full URL
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Ffrancecoil85&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A790637425521%3Ahid%3A603935308%3Az%3A0%3Ai%3A20210922232440%3Aet%3A1632353080%3Ac%3A1%3Arn%3A114828792%3Arqn%3A1%3Au%3A1632353080310271983%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632353079519%3Ads%3A23%2C319%2C154%2C106%2C0%2C0%2C%2C127%2C4%2C%2C%2C%2C626%3Adsn%3A22%2C320%2C154%2C106%2C0%2C0%2C%2C22%2C5%2C%2C%2C%2C625%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632353081%3At%3AAccount%20Suspended%20-%20Ask.fm
Requested by
Host: ask.fm
URL: https://ask.fm/francecoil85
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
10003e6f48a02cfdf3276a92f4dd34975ebcec93f257b37a33a0ae939251a2d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 22-Sep-2021 23:24:40 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
383
x-xss-protection
1; mode=block
expires
Wed, 22-Sep-2021 23:24:40 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:40 GMT
last-modified
Wed, 22-Sep-2021 23:24:40 GMT
location
/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Ffrancecoil85&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A790637425521%3Ahid%3A603935308%3Az%3A0%3Ai%3A20210922232440%3Aet%3A1632353080%3Ac%3A1%3Arn%3A114828792%3Arqn%3A1%3Au%3A1632353080310271983%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632353079519%3Ads%3A23%2C319%2C154%2C106%2C0%2C0%2C%2C127%2C4%2C%2C%2C%2C626%3Adsn%3A22%2C320%2C154%2C106%2C0%2C0%2C%2C22%2C5%2C%2C%2C%2C625%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632353081%3At%3AAccount%20Suspended%20-%20Ask.fm
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 22-Sep-2021 23:24:40 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 2745
4 KB
2 KB
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632353080.cds056.fr8.hn,1632353080.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame B303
2 KB
2 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=71122963&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8d2f1c23a5b4e02e2c94eb9b82ed3fed778178500765076ae8e9dc0e125fcb7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1359
usync.html
ad.lkqd.net/cookie-sync/ Frame FA5B
4 KB
2 KB
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632353080.cds056.fr8.hn,1632353080.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame FB6E
180 B
348 B
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148643&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=23885069&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
cs
cs.lkqd.net/ Frame 2745
43 B
309 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2745
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2745
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2745
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 2745
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3311340378148549493
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3311340378148549493
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3311340378148549493
pragma
no-cache
date
Wed, 22 Sep 2021 23:24:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame FA5B
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FA5B
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FA5B
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FA5B
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame FA5B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
pragma
no-cache
date
Wed, 22 Sep 2021 23:24:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:41 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 9E5F
0
158 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 1E2C
230 KB
61 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632353080.cds056.fr8.hn,1632353080.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:41 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame DE8B
0
0

sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d45ba86a06644cb3e41c59e719bf70a455ac24bfb0eddad5a5955c63e6788740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6h83onBi8ZRDDJGNp8ge+g==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
9bUrnuLiDwZMrADMn6+1hvWrhwYuEUnZaaW1rLc/Yn4RRioAnfg5vUI2MAw2hmdBrgAf4wWXeL23/YF7NJpOag==
x-fb-trip-id
686109401
x-fb-content-md5
1a41dfbbf3138ab267018738a8c379f3
x-frame-options
DENY
date
Wed, 22 Sep 2021 23:24:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3d0d17df742efe82f779265b7b4165ed"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Sep 2021 23:28:52 GMT
gtm.js
www.googletagmanager.com/
101 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0171ea50b3dff13a6c0317353872cd4ef94a0667da030e5eeb86ff893e5e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40295
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 22:34:27 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Sep 2021 23:24:41 GMT
3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
cmp.optad360.io/items/
2 B
362 B
Script
General
Full URL
https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ac00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:58:08 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified
Wed, 28 Apr 2021 09:49:58 GMT
server
AmazonS3
age
1594
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2
x-amz-cf-id
uw4JItAkHKH3t95XD2_DkOLZyVpA3CXJ9XZNYj8_aTJm_Yw-eEvd4w==
plugin.min.js
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/
276 KB
72 KB
Script
General
Full URL
https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by
Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-f82948a8cf5896011175c1fbf42c5b3ad45aaa9cfae7d60fa0f42812eb0e410e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a76103406e7e58113441df8f2771a0f85544abb8f4abbf2ada5639b7326b659

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:39:46 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 14:22:28 GMT
server
AmazonS3
age
2696
etag
W/"4074a1126a14c337156303ffa83e7e61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
yDNinhSsAFIFd9GeRkj1kTxxr5CnqfEmVfIbZwqB1ArHvRI8iI4XnQ==
v2iwyZnJGtZlZYVXU0KysxRJ0Az6Z9W233HDXiG3EIJ89Vo0Hp1lOvxvslxX4cDkXdV-vVippH1uHPaJD3g
colossalcoat.com/
216 B
607 B
Fetch
General
Full URL
https://colossalcoat.com/v2iwyZnJGtZlZYVXU0KysxRJ0Az6Z9W233HDXiG3EIJ89Vo0Hp1lOvxvslxX4cDkXdV-vVippH1uHPaJD3g
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
d511af9ecc642252f58fdc72fe1f870e9f25c4389f71dde8ff3b1f665bafc140
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 22 Sep 2021 23:24:41 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
0586a9fb
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Wed, 22 Sep 2021 23:24:40 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 93F5
4 KB
2 KB
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632353081.cds056.fr8.hn,1632353081.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=71122963&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:41 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 1E2C
122 KB
8 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=71122963&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
496eb4a87bf6b117befbf1052e89db57866e2e8a310411611ee1fa28cfbee6d3

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
7850
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sdk.js
connect.facebook.net/en_US/
228 KB
67 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7c2110b22b4d5e674b39cb584e8979a6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8f332abf668560fb91ed8e3d090a5f4562c73f087a5aa01b7625795a8f12214f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SEI8QVDe7yuV8uAV7xOkBQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68450
x-fb-rlafr
0
x-fb-debug
VIxQJfridy/RkuqMW+K6YedM+6xuN0szKyUtOGc0J3waJT394efO2c/PUzPVUhcVPMT7M+WczFoH8dPpRX4yYA==
x-fb-trip-id
686109401
x-fb-content-md5
6d925a2d126b7603572f9a30fb0c6e1c
x-frame-options
DENY
date
Wed, 22 Sep 2021 23:24:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"69f91f2c875acd4ff7f5673bd12d903f"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 22 Sep 2022 23:02:09 GMT
v2yjc3Mq8TNatKiaFLZkGALMUfQqC6M6idO1GsCsFZYcCTQhrpenq_PGBhA2OYJHvBQcFpN0b0V6BAquzOQ
colossalcoat.com/
3 B
36 B
Fetch
General
Full URL
https://colossalcoat.com/v2yjc3Mq8TNatKiaFLZkGALMUfQqC6M6idO1GsCsFZYcCTQhrpenq_PGBhA2OYJHvBQcFpN0b0V6BAquzOQ
Requested by
Host: colossalcoat.com
URL: https://colossalcoat.com/v2doydDDr7mj6NrgHnAK5ak-qxBmJSRZTUAYuHM-2FpCgUsDt2NNH9aFlN0Jtm2lc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.96.201.35.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Wed, 22 Sep 2021 23:24:41 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
x-hostname
0586a9fb
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
3
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1961
date
Wed, 22 Sep 2021 22:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 23 Sep 2021 00:52:00 GMT
cs
cs.lkqd.net/ Frame 93F5
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 93F5
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 93F5
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 93F5
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 93F5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
pragma
no-cache
date
Wed, 22 Sep 2021 23:24:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
www.facebook.com/tr/
44 B
313 B
Image
General
Full URL
https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Ffrancecoil85&rl=&if=false&ts=1632353081109&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 22 Sep 2021 23:24:41 GMT
collect
www.google-analytics.com/j/
2 B
201 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1063540668&t=pageview&_s=1&dl=https%3A%2F%2Fask.fm%2Ffrancecoil85&ul=en-us&de=UTF-8&dt=Account%20Suspended%20-%20Ask.fm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1016898457&gjid=518870074&cid=781557306.1632353081&tid=UA-12308109-15&_gid=1341908820.1632353081&_r=1&gtm=2wg9m0NDJVZHZ&z=478118516
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
454 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-12308109-15&cid=781557306.1632353081&jid=1016898457&gjid=518870074&_gid=1341908820.1632353081&_u=YEBAAEAAAAAAAC~&z=1751299219
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 22 Sep 2021 23:24:41 GMT
content-type
text/plain
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid4.39.0.js
get.optad360.io/sf/
492 KB
493 KB
Script
General
Full URL
https://get.optad360.io/sf/prebid4.39.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 09:46:29 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 10:44:35 GMT
server
AmazonS3
age
4282693
etag
"e020700f5effdce1f4be56434553da72"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
503605
x-amz-cf-id
5mw5pHgyNJOPziFLD-g8U5wtbRfYU52W4Dz6RXOV6n27RxUj9H1vlQ==
t
t.lkqd.net/ Frame 7819
0
158 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:41 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ask.fm
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1837
date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210922
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0056fc70e9e9ef6b04d00a0efc1fec72609bfbe74c1e26c447562dc735961288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
28572
x-jsd-version
1.0.1108
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
844
etag
W/"695-AbH7hrEzIyBCXMXtoWbffudOrPk"
x-served-by
cache-fra19126-FRA
x-jsd-version-type
version
date
Wed, 22 Sep 2021 23:24:41 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/
483 B
711 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Sep 2021 12:35:55 GMT
server
cloudflare
age
1162108
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
692f49c63a1963b9-FRA
x-amz-request-id
TD3DS9YZ8440AKDY
x-amz-id-2
M2Q7mY6rdpzXw/sL0fa+n0BFIJ9kCQCZ5Pu3Nfv1fXbLplIOJnLEBWCmKKKxSvug0l8dkcZHDP0=
expires
Wed, 22 Sep 2021 23:54:41 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=RycPNHxpNUVyVnZsUGRnR3ppS3V3RXdIaU9Yb0tnOVlrOEkyeDVudzNnU2RiMHdUZ09kdktKcGRMc0lJVG5ibloyVXhZbnB4Q29CQWVicG9lK25hTnA2VTlITFVKbDZzL2sxRjhoNk94eVEvVHpnMVV4am5wVEJaRkFERF...
323 B
590 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=RycPNHxpNUVyVnZsUGRnR3ppS3V3RXdIaU9Yb0tnOVlrOEkyeDVudzNnU2RiMHdUZ09kdktKcGRMc0lJVG5ibloyVXhZbnB4Q29CQWVicG9lK25hTnA2VTlITFVKbDZzL2sxRjhoNk94eVEvVHpnMVV4am5wVEJaRkFERFptVVZ5V2xINk1JQnEvNzlpc2Jrd3dSYUhsUFl5eVplWERWbG5TanZ0TnlvVjhjSjFqS0NkL05TamdNWThmbXo3QWdqdWhiblZIa2lUam11SFM0VG11Wk5MVGtrWk5ZU0RtNGxlOElZY2VwMzVOcmgvZThNPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a477391460d58218d6158b3d40326e3a77d491439f7a97f2cb9c68fbc59d5882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 22 Sep 2021 23:24:40 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4379
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 22 Sep 2021 23:24:41 GMT
location
https://mug.criteo.com/sid?cpp=RycPNHxpNUVyVnZsUGRnR3ppS3V3RXdIaU9Yb0tnOVlrOEkyeDVudzNnU2RiMHdUZ09kdktKcGRMc0lJVG5ibloyVXhZbnB4Q29CQWVicG9lK25hTnA2VTlITFVKbDZzL2sxRjhoNk94eVEvVHpnMVV4am5wVEJaRkFERFptVVZ5V2xINk1JQnEvNzlpc2Jrd3dSYUhsUFl5eVplWERWbG5TanZ0TnlvVjhjSjFqS0NkL05TamdNWThmbXo3QWdqdWhiblZIa2lUam11SFM0VG11Wk5MVGtrWk5ZU0RtNGxlOElZY2VwMzVOcmgvZThNPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2216
content-length
482
expires
0
prebid
ib.adnxs.com/ut/v3/
19 B
690 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
75da54e7-9e6f-40b7-abc0-2dbac0152c50
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/
0
314 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:41 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ask.fm
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
c
prebid.a-mo.net/a/
0
164 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 22 Sep 2021 23:24:41 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs.com/ut/v3/
19 B
690 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a12e1885-7786-4426-9b4c-a48198639208
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/
0
0

prebid-request
onetag-sys.com/
15 B
362 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://ask.fm
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cygnus
htlb.casalemedia.com/
25 B
368 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213816434e254acd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Ffrancecoil85%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22144b62b7cf2c4f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22144b62b7cf2c4f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22144b62b7cf2c4f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
181ee422e7d9bc51c286621ef54e25f0768c594e44fb622d83fcd6c6771057ca

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.85], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://ask.fm
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Wed, 22 Sep 2021 23:24:41 GMT
adjson
ads.betweendigital.com/
2 B
902 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
apacdex
useast.quantumdex.io/auction/
0
332 B
XHR
General
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
cf-ray
692f49c65f0a4a8c-FRA
/
adx.adform.net/adx/
5 B
443 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTUzYjJiMzZiLTJhOGEtNDJiYy05MDUxLTQyZTdlOWQ4YzRlZSZyY3VyPVBMTg%3D%3D&pt=gross&stid=cccb1423-92fd-415c-83d2-0de2d038b618&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:41 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
adagio.js
script.4dex.io/
71 KB
22 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
1162099
x-amz-request-id
4EJZWQSPYJN0KPZG
x-amz-id-2
YC9klwmqqfwQDVFSMHtow4Ja5sHZlojW2QWsGiGTWvJc04JtRiK3mdot7Og40EhxdWPEzb01nLQ=
last-modified
Thu, 09 Sep 2021 12:35:54 GMT
server
cloudflare
etag
W/"80a6d470c029b1acfca7d8abeb00b240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
692f49c67ca46407-FRA
expires
Wed, 22 Sep 2021 23:54:41 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=RycPNHxpNUVyVnZsUGRnR3ppS3V3RXdIaU9Yb0tnOVlrOEkyeDVudzNnU2RiMHdUZ09kdktKcGRMc0lJVG5ibloyVXhZbnB4Q29CQWVicG9lK25hTnA2VTlITFVKbDZzL2sxRjhoNk94eVEvVHpnMVV4am5wVEJaRkFERFptVVZ5V2xINk1JQnEvNzlpc2Jrd3dSYUhsUFl5eVplWERWbG5TanZ0TnlvVjhjSjFqS0NkL05TamdNWThmbXo3QWdqdWhiblZIa2lUam11SFM0VG11Wk5MVGtrWk5ZU0RtNGxlOElZY2VwMzVOcmgvZThNPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1153
date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
vary
Accept-Encoding
/
adx.adform.net/adx/
65 B
642 B
XHR
General
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Ffrancecoil85
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
218945
search.spotxchange.com/vast/2.0/
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=84253094&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023570242914%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 23:24:41 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000269
X-SpotX-Timing-SpotMarket
0.009927
X-SpotX-Timing-Page-Mux
0.000211
X-SpotX-Timing-Page-Require
0.000321
X-fe
093
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000028
Content-Length
77
X-SpotX-Timing-Page
0.013630
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000280
Last-Modified
Wed, 22 Sep 2021 23:24:41 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.009927
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
X-SpotX-Timing-Page-Misc
0.002586
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000008
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads.adaptv.advertising.com/a/h/
249 B
536 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1256823686&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-240-81.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,,
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0

/
adx.adform.net/adx/
65 B
642 B
XHR
General
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=
ads.adaptv.advertising.com/a/h/
249 B
536 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=2144425953&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-240-81.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
711 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C82279019676544450232122848099,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632353081292024-549
Expires
Wed, 22 Sep 2021 23:24:41 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/
992 B
862 B
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20104624678227901967654445023%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d9d7bfe4c571e203ca7209b5f2b3b77ae353f3d9358af9744c274a884b3f0c1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
611
expires
Wed, 22 Sep 2021 23:24:41 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C6984184958227901967654445023,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3931e36b90e13975a9dfb599579200c9f51945c6d8ec10c34e22f1b472e006c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1156
x-sticky-vk
1632353081374014-356
Expires
Wed, 22 Sep 2021 23:24:41 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C82279019676544450231769692836%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b68dfa543c3d1a3035a19bc67f4c3d7b686c7474553c3cd70f35fc634550cfc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1192
x-sticky-vk
1632353081222030-539
Expires
Wed, 22 Sep 2021 23:24:41 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023481010231%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dd9d02dadb5cf247f8cae2585eee2209464d8eeae7d6cf15062d728b8c23aad0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1632353081011073-383
Expires
Wed, 22 Sep 2021 23:24:41 GMT
vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX
ads.adaptv.advertising.com/a/h/
2 KB
1 KB
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=38374293&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-240-81.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
cc62a4792338944e995f53c92fab8a92c657d8e3ce98d8b9dc96c86f9cf540e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
908
expires
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C12564302218227901967654445023,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0e81856bddf17fea14e54812715224c95b0466813a4212f76dea03cb86eaff05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632353080890077-538
Expires
Wed, 22 Sep 2021 23:24:41 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads.adaptv.advertising.com/a/h/
249 B
536 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1873048352&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-240-81.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0
av
vidoomy-d.openx.net/v/1.0/
Redirect Chain
  • https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,,
  • https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,,
48 B
332 B
XHR
General
Full URL
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 22 Sep 2021 23:24:41 GMT
via
1.1 google
server
OXGW/16.216.0
location
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,,
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
alt-svc
clear
content-length
0
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:41 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 7819
0
158 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_68c68ea6.js
vpaid.springserve.com/production/ Frame 32C7
491 KB
87 KB
Script
General
Full URL
https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f600:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:36:21 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 17:34:44 GMT
server
AmazonS3
age
20901
etag
W/"c41b3f31e617ac05abbd6b79785bd64a"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8VsH_5q99x30yacc2J9ScvJEIf_2ikRLYzHM1EJ3xsOXqWPwXPlaIw==
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
t
t.lkqd.net/ Frame 7819
0
158 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:41 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
async_usersync.html
acdn.adnxs.com/dmp/ Frame ED71
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 23 Sep 2021 23:24:43 GMT
Date
Wed, 22 Sep 2021 23:24:41 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 011F
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 23 Sep 2021 23:24:43 GMT
Date
Wed, 22 Sep 2021 23:24:41 GMT
Connection
keep-alive
Vary
Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame 32C7
19 B
690 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a1b7b80f-f659-4d80-8919-b305a6e50e78
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 32C7
0
207 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-240-81.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 32C7
19 B
690 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a856e510-60ba-4df7-903e-f333548afb24
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 32C7
67 B
711 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fask.fm%2Ffrancecoil85&_fw_gdpr=&_fw_gdpr_consent=&cb=1632353081357&width=400&height=225&dnt=&ip=146.20.128.52&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&schain=1.0,1!vidoomy.com,54345,1,1632353081357,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632353081336050-587
Expires
Wed, 22 Sep 2021 23:24:41 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 32C7
962 B
842 B
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081357,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
45c5980d46277eb350f2603772ffba4259692167bfde84c2182a2a6d081f797b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
590
expires
Wed, 22 Sep 2021 23:24:41 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 6E0C
152 KB
36 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081357,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
bounce
ib.adnxs.com/ Frame ED71
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
805 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c1e60a4b-36a4-408f-8cd2-0f8a5ff2f809
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a19cfb17-be61-49be-a58e-269c8302dea6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 011F
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
805 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e7112a39-5ad5-4f14-b5ad-5621d2a006ce
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:41 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ee779397-42fd-46d2-8c8e-e583a89814f5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6A44
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081357,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=164490
expires
Fri, 24 Sep 2021 21:06:11 GMT
date
Wed, 22 Sep 2021 23:24:41 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6E0C
38 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081357,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=164490
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Fri, 24 Sep 2021 21:06:11 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6A44
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44716319&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8d8c6fdb6ad6f5f45d6d585294e84c2d6248f982c168f5120655e70f37720173

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:40 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame BB87
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=453853BE-622D-4C70-AEBC-AD98526478D1
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=453853BE-622D-4C70-AEBC-AD98526478D1
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=453853BE-622D-4C70-AEBC-AD98526478D1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=453853BE-622D-4C70-AEBC-AD98526478D1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:42 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=6541243606412439021; expires=Sun, 21 Nov 2021 23:24:42 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 22 Sep 2021 23:24:42 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=453853BE-622D-4C70-AEBC-AD98526478D1
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Fri, 22 Oct 2021 23:24:42 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 52A5
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377988007333069753
42 B
210 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377988007333069753
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377988007333069753
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; chkChromeAb67Sec=1; DPSync3=1633478400%3A197_219_201%7C1632355200%3A174; SyncRTB3=1633478400%3A54_161_56_8_220_13_3_21_7%7C1633564800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:42 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-6377988007333069753; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 23:24:42 GMT; path=/ PugT=1632353082; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 23:24:42 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 21-Dec-2021 23:24:42 GMT; path=/
x-lat
lhrpug020:0:362
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6377988007333069753
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 01C7
43 B
334 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Wed, 22 Sep 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
461578
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6A44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RThTvmItTHCuvK2YUmR40Q%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RThTvmItTHCuvK2YUmR40Q%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=86629
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Thu, 23 Sep 2021 23:28:31 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 6A44
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3df0614b-bb3a-4400-9cf5-acab53100f8d
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3df0614b-bb3a-4400-9cf5-acab53100f8d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 22 Sep 2021 23:24:42 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x5 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3df0614b-bb3a-4400-9cf5-acab53100f8d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 22 Sep 2021 23:24:41 GMT
/
loada.exelator.com/load/ Frame 6A44
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=453853BE-622D-4C70-AEBC-AD98526478D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
0
0

Pug
image2.pubmatic.com/AdServer/ Frame 6A44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDUzODUzQkUtNjIyRC00QzcwLUFFQkMtQUQ5ODUyNjQ3OEQx&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDUzODUzQkUtNjIyRC00QzcwLUFFQkMtQUQ5ODUyNjQ3OEQx&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
340 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:381
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6A44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJH7b30vTh0uCVEX7_hqgZc&google_cver=1
42 B
282 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJH7b30vTh0uCVEX7_hqgZc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:404
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJH7b30vTh0uCVEX7_hqgZc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 6A44
43 B
610 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 21 Sep 2021 23:24:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6A44
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=19e8b32c-8184-4af2-85b7-bc7580dd7727
42 B
602 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=19e8b32c-8184-4af2-85b7-bc7580dd7727
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:432
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=19e8b32c-8184-4af2-85b7-bc7580dd7727
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 6A44
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5121012387558385027
42 B
233 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5121012387558385027
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:421
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:42 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5121012387558385027
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 6A44
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:230b614b-bb39-4300-b04d-1511c93daab7&gdpr=0&gdpr_consent=
42 B
340 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:230b614b-bb39-4300-b04d-1511c93daab7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:415
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 22 Sep 2021 23:24:42 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:230b614b-bb39-4300-b04d-1511c93daab7&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 22 Sep 2021 23:24:41 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6A44
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7636156164787956838&gdpr=0&gdpr_consent=
42 B
289 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7636156164787956838&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:427
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:42 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4b54e6c6-84f0-443c-b1b0-582336049284
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7636156164787956838&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6A44
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1
42 B
272 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:399
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 6E0C
27 B
0
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081357,,&us_privacy=&cb=1632353081940&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Ffrancecoil85&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Ffrancecoil85&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-22%2023:24:42&ranreq=0.05069684378028394&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081357,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 32C7
0
111 B
XHR
General
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=3331da17&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.29.116 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-29-116.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:42 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
track
aktrack.pubmatic.com/ Frame 32C7
0
61 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632353081&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
content-length
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame ED71
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:42 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2df673ea-043d-43ab-ab94-a2245b34ccaf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 011F
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:42 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
050ce764-f616-4f3e-aff2-97c8d7043f5c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 1E2C
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_68c68ea6.js
vpaid.springserve.com/production/ Frame 1F84
491 KB
87 KB
Script
General
Full URL
https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f600:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:36:21 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 17:34:44 GMT
server
AmazonS3
age
20903
etag
W/"c41b3f31e617ac05abbd6b79785bd64a"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
P3XHaLgnrDkKX42kIqg4zX9Cwc5Zu1InyIQ4lZtKf1CUcJXyOzGVyw==
t
t.lkqd.net/ Frame 7819
0
158 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:43 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 1F84
962 B
842 B
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081358,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fc1e645bcaec183f74c84792f412e1914ec917593254f6434d0d19aa3decd2ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:43 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
590
expires
Wed, 22 Sep 2021 23:24:43 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 1F84
0
207 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-240-81.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 1F84
19 B
845 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:43 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8a74578e-d12b-4a01-ac42-ea16b62363bc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 1F84
19 B
845 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:43 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f00696bc-e107-422f-a29a-d96d062e6275
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
48953915
mc.yandex.com/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=603935308&page-url=https%3A%2F%2Fask.fm%2Ffrancecoil85&rn=1009354236&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1632353083%3Aw%3A1600x1200%3Av%3A644%3Az%3A0%3Ai%3A20210922232443%3Au%3A1632353080310271983%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632353083
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:43 GMT
last-modified
Wed, 22-Sep-2021 23:24:43 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 22-Sep-2021 23:24:43 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 75F4
152 KB
36 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081358,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9193
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081358,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; chkChromeAb67Sec=1; DPSync3=1633478400%3A197_219_201%7C1632355200%3A174; SyncRTB3=1633478400%3A54_161_56_8_220_13_3_21_7%7C1633564800%3A35; PUBMDCID=3; KRTBCOOKIE_57=22776-7636156164787956838; PugT=1632353082; KRTBCOOKIE_153=19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1; KRTBCOOKIE_80=22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc; KRTBCOOKIE_377=6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727; KRTBCOOKIE_27=16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7; KRTBCOOKIE_391=22924-5121012387558385027&KRTB&23263-5121012387558385027; KRTBCOOKIE_336=5844-6377988007333069753; SPugT=1632353081; pp=156498; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=164488
expires
Fri, 24 Sep 2021 21:06:11 GMT
date
Wed, 22 Sep 2021 23:24:43 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 75F4
38 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081358,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=164488
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Fri, 24 Sep 2021 21:06:11 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9193
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34084350&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cd3f2a0f1eb95e969b0df1d57c23a7ec825c98288f6798b63449ebb41cb81d6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:42 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame E5CA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010903107011868822
42 B
210 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010903107011868822
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010903107011868822
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; PUBMDCID=3; KRTBCOOKIE_57=22776-7636156164787956838; KRTBCOOKIE_153=19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1; KRTBCOOKIE_80=22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc; KRTBCOOKIE_377=6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727; KRTBCOOKIE_27=16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7; KRTBCOOKIE_391=22924-5121012387558385027&KRTB&23263-5121012387558385027; KRTBCOOKIE_336=5844-6377988007333069753; SPugT=1632353081; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1633478400%3A201_221_226_227_235_197_219%7C1632355200%3A174; SyncRTB3=1633564800%3A35%7C1633478400%3A3_21_22_55_8_220_7_71_166_161_56_81_54_13%7C1633132800%3A63%7C1632873600%3A223_2_15%7C1634860800%3A203; KRTBCOOKIE_22=14911-2518706843731342197; PugT=1632353083
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:43 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7010903107011868822; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 23:24:43 GMT; path=/ PugT=1632353083; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 23:24:43 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 21-Dec-2021 23:24:43 GMT; path=/
x-lat
lhrpug018:0:289
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 22 Sep 2021 23:24:43 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7010903107011868822; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7010903107011868822
adx
match.prod.bidr.io/cookie-sync/ Frame ED3B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDSGMwN0NsM1lBQUFoWGt3dFJSdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.198.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-198-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Cookie
bito=AACHc07Cl3YAAAhXkwtRRw; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Wed, 22 Sep 2021 23:24:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Wed, 22 Sep 2021 23:24:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Artemis
aud.pubmatic.com/AdServer/ Frame 9193
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=453853BE-622D-4C70-AEBC-AD98526478D1&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=453853BE-622D-4C70-AEBC-AD98526478D1&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=453853BE-622D-4C70-AEBC-AD98526478D1&addseg=19,36,42
43 B
43 B
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=453853BE-622D-4C70-AEBC-AD98526478D1&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Wed, 22 Sep 2021 23:24:43 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=453853BE-622D-4C70-AEBC-AD98526478D1&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 9193
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=453853BE-622D-4C70-AEBC-AD98526478D1&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=453853BE-622D-4C70-AEBC-AD98526478D1&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=453853BE-622D-4C70-AEBC-AD98526478D1&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:43 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:43 GMT
frontend-id
3
location
/pubmatic/1/info2?sType=sync&sExtCookieId=453853BE-622D-4C70-AEBC-AD98526478D1&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9193
95 B
455 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=453853BE-622D-4C70-AEBC-AD98526478D1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
692f49d1e8cd974e-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 9193
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=453853BE-622D-4C70-AEBC-AD98526478D1
  • https://a.audrte.com/p
68 B
942 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.248.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-248-174.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 23:24:43 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 22 Sep 2021 23:24:43 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame 9193
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=453853BE-622D-4C70-AEBC-AD98526478D1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=453853BE-622D-4C70-AEBC-AD98526478D1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ema40KJE2uVtGrTJ.lnwbAryE8FbFwM-~A&gdpr=0&gdpr_consent=
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ema40KJE2uVtGrTJ.lnwbAryE8FbFwM-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 22 Sep 2021 23:24:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ema40KJE2uVtGrTJ.lnwbAryE8FbFwM-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
453853BE-622D-4C70-AEBC-AD98526478D1
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9193
43 B
839 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/453853BE-622D-4C70-AEBC-AD98526478D1?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9193
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=875739029850004032&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e330c04b-dea3-4b7e-bf6a-438dd4f0a607&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e330c04b-dea3-4b7e-bf6a-438dd4f0a607&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:417
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e330c04b-dea3-4b7e-bf6a-438dd4f0a607&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 22 Sep 2021 23:24:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 9193
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=453853BE-622D-4C70-AEBC-AD98526478D1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9193
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUu7OwADldn0ewAR&gdpr=0&gdpr_consent=&_test=YUu7OwADldn0ewAR
1 B
235 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUu7OwADldn0ewAR&gdpr=0&gdpr_consent=&_test=YUu7OwADldn0ewAR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:404
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1632353083.415463,VS0,VE0
x-served-by
cache-fra19161-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUu7OwADldn0ewAR&gdpr=0&gdpr_consent=&_test=YUu7OwADldn0ewAR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9193
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2518706843731342197&gdpr=0&gdpr_consent=&us_privacy=
1 B
341 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2518706843731342197&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:409
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2518706843731342197&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 22 Sep 2021 23:24:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 9193
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
359 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:395
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:42 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9193
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8adb45b7-4333-46c1-98a0-198a286cc8fc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8adb45b7-4333-46c1-98a0-198a286cc8fc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:326
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:8adb45b7-4333-46c1-98a0-198a286cc8fc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 22 Sep 2021 23:24:43 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
48953915
mc.yandex.com/webvisor/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=603935308&page-url=https%3A%2F%2Fask.fm%2Ffrancecoil85&rn=59777487&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632353083%3Aw%3A1600x1200%3Av%3A644%3Az%3A0%3Ai%3A20210922232443%3Au%3A1632353080310271983%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632353083
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:43 GMT
last-modified
Wed, 22-Sep-2021 23:24:43 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 22-Sep-2021 23:24:43 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 75F4
27 B
0
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081358,,&us_privacy=&cb=1632353083099&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Ffrancecoil85&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Ffrancecoil85&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-22%2023:24:43&ranreq=0.32418220642472284&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353081358,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 1F84
67 B
711 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fask.fm%2Ffrancecoil85&_fw_gdpr=&_fw_gdpr_consent=&cb=1632353081358&width=400&height=225&dnt=&ip=146.20.128.52&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&schain=1.0,1!vidoomy.com,54345,1,1632353081358,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:43 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632353083211049-592
Expires
Wed, 22 Sep 2021 23:24:43 GMT
track
aktrack.pubmatic.com/ Frame 1F84
0
61 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632353083&wa=0&e=96&ier=901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
content-length
0
content-type
text/html
i
vid-io-cle.springserve.com/vd/ Frame 1F84
0
110 B
XHR
General
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=e363e6cc&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.12.29.116 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-12-29-116.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:43 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 8D8E
152 KB
36 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20104624678227901967654445023%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6D17
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20104624678227901967654445023%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; PUBMDCID=3; KRTBCOOKIE_57=22776-7636156164787956838; KRTBCOOKIE_153=19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1; KRTBCOOKIE_80=22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc; KRTBCOOKIE_377=6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727; KRTBCOOKIE_27=16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7; KRTBCOOKIE_391=22924-5121012387558385027&KRTB&23263-5121012387558385027; KRTBCOOKIE_336=5844-6377988007333069753; pp=156498; PMDTSHR=cat:; chkChromeAb67Sec=2; DPSync3=1633478400%3A201_221_226_227_235_197_219%7C1632355200%3A174; SyncRTB3=1633564800%3A35%7C1633478400%3A3_21_22_55_8_220_7_71_166_161_56_81_54_13%7C1633132800%3A63%7C1632873600%3A223_2_15%7C1634860800%3A203; KRTBCOOKIE_22=14911-2518706843731342197; PugT=1632353083; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7010903107011868822; SPugT=1632353083; KRTBCOOKIE_466=16530-e330c04b-dea3-4b7e-bf6a-438dd4f0a607; KRTBCOOKIE_218=22978-YUu7OwADldn0ewAR&KRTB&23194-YUu7OwADldn0ewAR&KRTB&23209-YUu7OwADldn0ewAR&KRTB&23244-YUu7OwADldn0ewAR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=164488
expires
Fri, 24 Sep 2021 21:06:11 GMT
date
Wed, 22 Sep 2021 23:24:43 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8D8E
38 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20104624678227901967654445023%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=164487
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Fri, 24 Sep 2021 21:06:11 GMT
t
t.lkqd.net/ Frame 7819
0
158 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
PugMaster
image6.pubmatic.com/AdServer/ Frame 6D17
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96117776&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3e7b9152d32734b5c103b914373802fb284954be73b0669814be4999a7d52dc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1646
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame B9FB
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; PUBMDCID=3; KRTBCOOKIE_57=22776-7636156164787956838; KRTBCOOKIE_153=19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1; KRTBCOOKIE_80=22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc; KRTBCOOKIE_377=6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727; KRTBCOOKIE_27=16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7; KRTBCOOKIE_391=22924-5121012387558385027&KRTB&23263-5121012387558385027; KRTBCOOKIE_336=5844-6377988007333069753; pp=156498; PMDTSHR=cat:; DPSync3=1633478400%3A201_221_226_227_235_197_219%7C1632355200%3A174; KRTBCOOKIE_22=14911-2518706843731342197; PugT=1632353083; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7010903107011868822; SPugT=1632353083; KRTBCOOKIE_466=16530-e330c04b-dea3-4b7e-bf6a-438dd4f0a607; KRTBCOOKIE_218=22978-YUu7OwADldn0ewAR&KRTB&23194-YUu7OwADldn0ewAR&KRTB&23209-YUu7OwADldn0ewAR&KRTB&23244-YUu7OwADldn0ewAR; chkChromeAb67Sec=3; SyncRTB3=1633478400%3A99_161_81_13_21_22_55_3_230_165_231_8_88_189_176_220_234_222_7_71_54_204_166_56%7C1633132800%3A63%7C1632873600%3A223_15_2%7C1634860800%3A203%7C1633564800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug002:2:277
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=316d1ff6-02e7-4c3a-9ee0-9bfb776be99f; path=/; domain=csync.loopme.me; Expires=Fri, 22-Oct-2021 23:24:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Wed, 22 Sep 2021 23:24:44 GMT
server
_
sync
x.bidswitch.net/ Frame 9B9B
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-376acdc3-5507-46a4-89e4-19c62868c632-003&rndcb=3064578312
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=adconductor&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=adconductor&gdpr=1&user_id=-8Rygq-XdYHgwX7R_Jdr2a-QcdPglHbSqMNXhRmq
43 B
145 B
Document
General
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=adconductor&gdpr=1&user_id=-8Rygq-XdYHgwX7R_Jdr2a-QcdPglHbSqMNXhRmq
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.48.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-48-21.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method
GET
:authority
x.bidswitch.net
:scheme
https
:path
/sync?dsp_id=76&user_group=2&ssp=adconductor&gdpr=1&user_id=-8Rygq-XdYHgwX7R_Jdr2a-QcdPglHbSqMNXhRmq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
tuuid=e330c04b-dea3-4b7e-bf6a-438dd4f0a607; c=1632353080; tuuid_lu=1632353080
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
image/gif
content-length
43
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-length
0
cache-control
private, no-cache, no-store, proxy-revalidate
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=adconductor&gdpr=1&user_id=-8Rygq-XdYHgwX7R_Jdr2a-QcdPglHbSqMNXhRmq
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
set-cookie
d=EOQBEgGnJPijD9r7EA; expires=Tue, 21-Dec-2021 23:24:44 GMT; path=/; domain=.quantserve.com; SameSite=None; Secure
strict-transport-security
max-age=86400
dpe
ad4m.at/ad/ Frame 1E2B
42 B
974 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
692f49d77f166967-FRA
bridge
cm.adgrx.com/ Frame 2497
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
image2.pubmatic.com/AdServer/ Frame AF1A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=a9oCQGlL7RfDx96AlSbvXhu8
42 B
371 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=a9oCQGlL7RfDx96AlSbvXhu8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=a9oCQGlL7RfDx96AlSbvXhu8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; PUBMDCID=3; KRTBCOOKIE_57=22776-7636156164787956838; KRTBCOOKIE_153=19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1; KRTBCOOKIE_80=22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc; KRTBCOOKIE_377=6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727; KRTBCOOKIE_27=16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7; KRTBCOOKIE_391=22924-5121012387558385027&KRTB&23263-5121012387558385027; KRTBCOOKIE_336=5844-6377988007333069753; pp=156498; PMDTSHR=cat:; DPSync3=1633478400%3A201_221_226_227_235_197_219%7C1632355200%3A174; KRTBCOOKIE_22=14911-2518706843731342197; PugT=1632353083; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7010903107011868822; SPugT=1632353083; KRTBCOOKIE_466=16530-e330c04b-dea3-4b7e-bf6a-438dd4f0a607; KRTBCOOKIE_218=22978-YUu7OwADldn0ewAR&KRTB&23194-YUu7OwADldn0ewAR&KRTB&23209-YUu7OwADldn0ewAR&KRTB&23244-YUu7OwADldn0ewAR; chkChromeAb67Sec=3; SyncRTB3=1633478400%3A99_161_81_13_21_22_55_3_230_165_231_8_88_189_176_220_234_222_7_71_54_204_166_56%7C1633132800%3A63%7C1632873600%3A223_15_2%7C1634860800%3A203%7C1633564800%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-a9oCQGlL7RfDx96AlSbvXhu8; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 23:24:44 GMT; path=/ PugT=1632353084; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 23:24:44 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 21-Dec-2021 23:24:44 GMT; path=/
x-lat
lhrpug011:0:402
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 22 Sep 2021 23:24:44 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=a9oCQGlL7RfDx96AlSbvXhu8; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=a9oCQGlL7RfDx96AlSbvXhu8
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame 3100
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=aJnoeUp26Ur8e4OEaRZakZccCbjwTcPrB9s1XdAXv5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aVnseFpyXagbqiVREFmMRM9Zc7YtiHguqFF4sY6ncywxrQgMd3hMk834wiIOSpdZcE8Ma3rqUZcrt1tM9ekfI5b; path=/; domain=.tribalfusion.com; expires=Tue, 21-Dec-2021 23:24:44 GMT; SameSite=None; Secure; ANON_ID_old=aVnseFpyXagbqiVREFmMRM9Zc7YtiHguqFF4sY6ncywxrQgMd3hMk834wiIOSpdZcE8Ma3rqUZcrt1tM9ekfI5b; path=/; domain=.tribalfusion.com; expires=Tue, 21-Dec-2021 23:24:44 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
692f49d8bb9868fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
4342
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aJnoeUp26Ur8e4OEaRZakZccCbjwTcPrB9s1XdAXv5; path=/; domain=.tribalfusion.com; expires=Tue, 21-Dec-2021 23:24:44 GMT; SameSite=None; Secure; ANON_ID_old=aJnoeUp26Ur8e4OEaRZakZccCbjwTcPrB9s1XdAXv5; path=/; domain=.tribalfusion.com; expires=Tue, 21-Dec-2021 23:24:44 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
692f49d78a2b68fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 78C5
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04bcb178-9cdd-4520-a8ea-d4849b09b8df-tuct84540bc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04bcb178-9cdd-4520-a8ea-d4849b09b8df-tuct84540bc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04bcb178-9cdd-4520-a8ea-d4849b09b8df-tuct84540bc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=04bcb178-9cdd-4520-a8ea-d4849b09b8df-tuct84540bc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 22 Sep 2021 23:24:44 GMT
via
1.1 varnish
x-served-by
cache-fra19181-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1632353084.154290,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=04bcb178-9cdd-4520-a8ea-d4849b09b8df-tuct84540bc;Version=1;Path=/;Domain=.taboola.com;Expires=Thu, 22-Sep-2022 23:24:44 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=04bcb178-9cdd-4520-a8ea-d4849b09b8df-tuct84540bc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 22 Sep 2021 23:24:44 GMT
via
1.1 varnish
x-served-by
cache-fra19133-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1632353084.081998,VS0,VE9
x-vcl-time-ms
9
content-length
0
141
match.deepintent.com/usersync/ Frame EEB2
0
44 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 22 Sep 2021 23:24:43 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 6D17
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7636156164787956838
42 B
186 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7636156164787956838
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:352
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
924fec84-d9ab-46ed-9a1b-df556ca12840
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7636156164787956838
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 6D17
35 B
238 B
Image
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
optad360.js
serving.stat-rock.com/player/
307 KB
96 KB
Script
General
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 07:45:44 GMT
server
nginx
etag
W/"6135c728-4caf3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
/
adx.adform.net/adx/
5 B
534 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPTQ1MTE1MjFhLTI2NDYtNDMxMC04YmZlLWRmYzhiYjY1MjA4NiZyY3VyPVBMTg%3D%3D&pt=gross&stid=b1b259a8-72de-444e-bf65-90ff6f994d05&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/
19 B
845 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
134cd52d-2180-4e4f-a3dc-3c2bc0eb3275
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
19 B
845 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e3a33586-bf50-4401-93fe-b7ce033740e4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 8D8E
27 B
347 B
XHR
General
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20104624678227901967654445023%2C%2C&us_privacy=&cb=1632353083989&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fask.fm%252Ffrancecoil85&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fask.fm%252Ffrancecoil85&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-9-22%2023:24:44&ranreq=0.5801085327839643&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C20104624678227901967654445023%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ask.fm
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
truncated
/
630 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Cookie set francecoil85
ask.fm/
13 KB
14 KB
XHR
General
Full URL
https://ask.fm/francecoil85
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.140 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
fcce7f405cb29f7e894f85e2243224134721ed82780f5767f2e06e7927c56747
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://ask.fm/francecoil85
Cookie
locale=de; uuid=32c41fc8-bdf5-4dd5-8592-9237e7aa5f39; country=DE; _m_ask_fm_session=VHgrVGpWZ0hJa3I0OEhGR1ZyUXh3akI4Mlg3aGJZcThkeHhLR0FHT0tDckhLRGZzZDNMQk1DRlZUQkNDU1VlRmF2YkJIM1d0NGhrdE1TVzJ6Vi94WEZLVS9lQjRFakp2NEkvY2JsTk81K1R2NDlReG1BdzBWYUhHZ3dhdTNKOGVBaEdhTHgzeHFwSFl2SUUrZURpTDRraEcvV0lDaE5CcWtpeWtkVytNZjduWWNmQ3FtMzVWYjM3bmVzOVFLMTJTY1JFSHh4SXRtb3hVM211dWZWQ2hiNVI4a2tYS3Z6WFJQejlReEdnUjdYcEJPQncwV1ZiNXZEWWxvMWh3VSs2MC0tQWxRek5YcjhzS0JBUGo1OXd2N1BnUT09--8c5bdc40ce3814a4628afe7ce6b2b356ef3e20e5; _ym_uid=1632353080310271983; _ym_d=1632353080; _ym_isad=2; _ym_visorc=w; _awl=2.1632353081.0.4-2bd826b9-2f1896cc1d071bd3729b8e886e516ead-6763652d6575726f70652d7765737431-614bbb39-0; _ga=GA1.2.781557306.1632353081; _gid=GA1.2.1341908820.1632353081; _gat_UA-12308109-15=1; _pbjs_userid_consent_data=6683316680106290; cto_bidid=LngGWF91TTN4Z1RncDRrNDRONjl0RzAwbmd5WVFHSllmc2J3aDQwZSUyQjg2MFkwbHVkcW1SbGpCN1pSJTJGTnBDSGd6ak5SVXVjYWw1N1hGblV6eDV0V2pUTmxsWGclM0QlM0Q; cto_bundle=2X8AGl9jRlVyYXc4QlI2bTJBVnlWazhlYVlSTENvMWhQUHVlRjFuWER4bG03TlhtM1dIVVNaJTJCMVA4VE1TNElPQlQzMWRBJTJCbHNxRXJUWCUyQmkzQ3RoMiUyRktPaUhKdmlmRUljZ0Nrbk5IeDQ1cDlRc3hnJTNE
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/francecoil85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
text/html; charset=utf-8
Status
410 Gone
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Set-Cookie
locale=de; path=/; expires=Fri, 23 Sep 2022 05:24:44 GMT _m_ask_fm_session=UExtckVaSjVTZktWOTZLbWRwSDdNN0FGR0JweG9LVS9ENzZQVUhmeHhtSEwxa1ZJMFdoSmQ0UENRdTJad2xNWFFEQ2ZUTEQ3eG81TnIvK29LTzltWjRXR09nY1k5MWRsRmRvZ1lKaUtQTjRQNTdXVGNEWVlTN0ZLdmUrRk5DejNOWll5MUpzb0k1OHFhOGk2VFpnYUk3Q1hDbVo0MERVWXdFdzBNbmxDRTl2dzZqYnlwSlo3eEVWRmp5T05haEdTYXRqTDYwOXNoczE5ZjJNUElZVjU3NVRpVTJ3ZHlKNHVoaW05ZWtuc0RSTWlCUE51dCtTRGQ2QXNDS3A5NmpQNC0tSjh3V2VFUVZuN0ZTN3hWT0F3NklGdz09--876bbb0f35f50faed19456c68d121811fc453d99; path=/; expires=Sat, 25 Sep 2021 23:24:44 GMT; secure; HttpOnly
X-XSS-Protection
1; mode=block
1
serving.stat-rock.com/v1/log/js/
35 B
163 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632353084514.196&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Ffrancecoil85&t=261&v=96&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.4673410572010759
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:44 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/
35 B
162 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632353084514.196&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Ffrancecoil85&t=266&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.2070986136711661
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:44 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 7819
0
158 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
aktrack.pubmatic.com/ Frame 8D8E
0
61 B
Image
General
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1632353085&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-length
0
content-type
text/html
/
onetag-sys.com/usync/ Frame 6579
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1632353081330
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1632353081330
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 97B3
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=7636156164787956838
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 23 Sep 2021 23:24:46 GMT
Date
Wed, 22 Sep 2021 23:24:44 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D71C
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=7636156164787956838
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 23 Sep 2021 23:24:46 GMT
Date
Wed, 22 Sep 2021 23:24:44 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame EAB3
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ask.fm/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 22 Sep 2021 23:24:44 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame FE34
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1632353084207
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1632353084207
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
apacdex
sync.quantumdex.io/usersync/ Frame FEF6
3 KB
888 B
Document
General
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa6940b83430b780923c2b4332706ae7e518ce9e567ac2699c14c778417c317

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/apacdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
uid=a4d96b2c-e3af-4af1-83f0-764b60049336
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
text/html
set-cookie
uid=a4d96b2c-e3af-4af1-83f0-764b60049336; expires=Tue, 12 Oct 2021 23:24:44 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
692f49db4ac74a8c-FRA
content-encoding
gzip
connectmyusers.php
cdn.connectad.io/ Frame F338
0
0
Document
General
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
referrer-policy
same-origin
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
692f49db5dab2bc2-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sspmatch-iframe
ads.betweendigital.com/ Frame 69CC
658 B
837 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
dd9a6f5f079397ea8ea098ab4d56b53a2130d72ecc1e8a582638e0a4a5653cb4

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ask.fm/
accept-encoding
gzip, deflate, br
cookie
dc=mow1; tuuid=3ace5b13-1f9d-510a-ada6-7ea4ccedc59d; ut=YUu7OQAGozisoawsb2fZ3orcpXFB3SZprQixVQ==; ss=1; unm=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
set-cookie
unm=; Max-Age=0; Expires=Wed, 22 Sep 2021 23:24:44 GMT; Path=/; SameSite=None; Secure
content-length
658
/
onetag-sys.com/usync/
0
52 B
Image
General
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
async_usersync
ib.adnxs.com/ Frame 97B3
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5f37c600-2af9-4776-8eda-21dc33c3c59c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D71C
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0b958a5c-8e16-4fbf-8093-4f2ae434deb5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 7C74
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4b5fa020544018ad790c68df754874d918d3afd87445af487d5b8e069b7ae9f

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YUu7PDFHrsWDWEQng1By6AAA; CMPS=5237
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|31|8|88|238
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1745
Expires
Wed, 22 Sep 2021 23:24:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
Connection
keep-alive
Set-Cookie
CMID=YUu7PDFHrsWDWEQng1By6AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 22 Sep 2022 23:24:44 GMT CMPS=5237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 21 Dec 2021 23:24:44 GMT CMPRO=1199;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 21 Dec 2021 23:24:44 GMT CMST=YUu7PGFLuzwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 23 Sep 2021 23:24:44 GMT CMRUM3=08614bbb3c05a00&1f614bbb3c05a00&ee614bbb3c2760&27614bbb3c0b40&58614bbb3c05a0&e6614bbb3c2760&f1614bbb3c05a0&2d614bbb3c05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 22 Sep 2022 23:24:44 GMT

Redirect headers

Server
Apache
Content-Length
329
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 22 Sep 2021 23:24:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
Connection
keep-alive
Set-Cookie
CMID=YUu7PDFHrsWDWEQng1By6AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 22 Sep 2022 23:24:44 GMT CMPS=5237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 21 Dec 2021 23:24:44 GMT
match
ads.betweendigital.com/ Frame 69CC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=05865562-f166-4d74-b724-1e510ee18879&ssp=between&expires=30&user_group=5&bsw_param=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
date
Wed, 22 Sep 2021 23:24:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/ Frame 69CC
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=Mml1rvnRJE8.AikABlF8D9Nlzg
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=Mml1rvnRJE8.AikABlF8D9Nlzg
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f4-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=Mml1rvnRJE8.AikABlF8D9Nlzg
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame 69CC
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=3ace5b13-1f9d-510a-ada6-7ea4ccedc59d
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi89q6KBlIFvp7KygpiJDNhY2U1YjEzLTFmOWQtNTEwYS1hZGE2LTdlYTRjY2VkYzU5ZA**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi89q6KBlIFvp7KygpiJDNhY2U1YjEzLTFmOWQtNTEwYS1hZGE2LTdlYTRjY2VkYzU5ZKIBEEU8Vb4b_BHshuAAJZDAZHw*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABi89q6KBmIkM2FjZTViMTMtMWY5ZC01MTBhLWFkYTYtN2VhNGNjZWRjNTlkogEQRTxVvhv8EeyG4AAlkMBkfA**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARi89q6KBmIkM2FjZTViMTMtMWY5ZC01MTBhLWFkYTYtN2VhNGNjZWRjNTlkogEQRTxVvhv8EeyG4AAlkMBkfA**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=453c55be-1bfc-11ec-86e0-002590c0647c
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=453c55be-1bfc-11ec-86e0-002590c0647c
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=453c55be-1bfc-11ec-86e0-002590c0647c
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
match
ads.betweendigital.com/ Frame 69CC
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=cf49f7aed0b0044759579798
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=cf49f7aed0b0044759579798
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
nginx
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=cf49f7aed0b0044759579798
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
bidder_18.html
cache.betweendigital.com/code/ Frame B91A
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=3ace5b13-1f9d-510a-ada6-7ea4ccedc59d&CACHEBUSTER=698889
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

:method
GET
:authority
cache.betweendigital.com
:scheme
https
:path
/code/bidder_18.html?USER_ID=3ace5b13-1f9d-510a-ada6-7ea4ccedc59d&CACHEBUSTER=698889
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.betweendigital.com/
accept-encoding
gzip, deflate, br
cookie
dc=mow1; tuuid=3ace5b13-1f9d-510a-ada6-7ea4ccedc59d; ut=YUu7OQAGozisoawsb2fZ3orcpXFB3SZprQixVQ==; ss=1; unm=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:45 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
Cookie set francecoil85
ask.fm/
13 KB
14 KB
XHR
General
Full URL
https://ask.fm/francecoil85
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.140 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
Ask.FM Web Service /
Resource Hash
3829084b56b71e2042822542dd4498849ab63dd2306ee402e8ff000d6d091c8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://ask.fm/francecoil85
Cookie
locale=de; uuid=32c41fc8-bdf5-4dd5-8592-9237e7aa5f39; country=DE; _ym_uid=1632353080310271983; _ym_d=1632353080; _ym_isad=2; _ym_visorc=w; _awl=2.1632353081.0.4-2bd826b9-2f1896cc1d071bd3729b8e886e516ead-6763652d6575726f70652d7765737431-614bbb39-0; _ga=GA1.2.781557306.1632353081; _gid=GA1.2.1341908820.1632353081; _gat_UA-12308109-15=1; _pbjs_userid_consent_data=6683316680106290; cto_bidid=LngGWF91TTN4Z1RncDRrNDRONjl0RzAwbmd5WVFHSllmc2J3aDQwZSUyQjg2MFkwbHVkcW1SbGpCN1pSJTJGTnBDSGd6ak5SVXVjYWw1N1hGblV6eDV0V2pUTmxsWGclM0QlM0Q; cto_bundle=2X8AGl9jRlVyYXc4QlI2bTJBVnlWazhlYVlSTENvMWhQUHVlRjFuWER4bG03TlhtM1dIVVNaJTJCMVA4VE1TNElPQlQzMWRBJTJCbHNxRXJUWCUyQmkzQ3RoMiUyRktPaUhKdmlmRUljZ0Nrbk5IeDQ1cDlRc3hnJTNE; _m_ask_fm_session=UExtckVaSjVTZktWOTZLbWRwSDdNN0FGR0JweG9LVS9ENzZQVUhmeHhtSEwxa1ZJMFdoSmQ0UENRdTJad2xNWFFEQ2ZUTEQ3eG81TnIvK29LTzltWjRXR09nY1k5MWRsRmRvZ1lKaUtQTjRQNTdXVGNEWVlTN0ZLdmUrRk5DejNOWll5MUpzb0k1OHFhOGk2VFpnYUk3Q1hDbVo0MERVWXdFdzBNbmxDRTl2dzZqYnlwSlo3eEVWRmp5T05haEdTYXRqTDYwOXNoczE5ZjJNUElZVjU3NVRpVTJ3ZHlKNHVoaW05ZWtuc0RSTWlCUE51dCtTRGQ2QXNDS3A5NmpQNC0tSjh3V2VFUVZuN0ZTN3hWT0F3NklGdz09--876bbb0f35f50faed19456c68d121811fc453d99
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/francecoil85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
X-Content-Type-Options
nosniff
Server
Ask.FM Web Service
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
text/html; charset=utf-8
Status
410 Gone
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Set-Cookie
locale=de; path=/; expires=Fri, 23 Sep 2022 05:24:44 GMT _m_ask_fm_session=ellRT1NBR0pLT1lDVUxtVWJmVFFwRCs4OVNqeWp0QmNDaEV2Y1Uzd2xITjUwakNQQmZraVBTVW5SbTM2R0dNcURiUERuOG1Gbmh6NFFwRDJuZC9UN0o1b3lvMVZWeDVDRDVnZy9GQ0ZMT2ltb0Y2Zzd4Y0pRdW8vNmE2RVlBVDJvU25SaUtxZGpPV2pNNjljNUJzZE4wZitWaTlIYlU5azE1Y0pKakEvNnZ6QURoaXJwRkZIdmhYOWJtamx0L1NNU293a1hXVUMxQ0NuWWtkaFVwTXp0M0ZjeXBhdXFjM25FVTJZamIrYUpyYkpXRWhGZDNUR0lKMlB6WGRyY0M4ei0tak9YdE42ZFc5NlBXQ0VYSzFKcEFBQT09--5fdc1142c72ebc816536a26fec91cdb66b0958af; path=/; expires=Sat, 25 Sep 2021 23:24:44 GMT; secure; HttpOnly
X-XSS-Protection
1; mode=block
1
serving.stat-rock.com/v1/log/js/
35 B
162 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1632353084514.196&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Ffrancecoil85&t=527&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.12236322820806844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:44 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 7C74
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YUu7PDFHrsWDWEQng1By6AAABK8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKNkQ6hQn_d53MTHkTxBuxY&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKNkQ6hQn_d53MTHkTxBuxY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 22 Sep 2021 23:24:44 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKNkQ6hQn_d53MTHkTxBuxY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7C74
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUu7PDFHrsWDWEQng1By6AAABK8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUu7PDFHrsWDWEQng1By6AAABK8AAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUu7PDFHrsWDWEQng1By6AAABK8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JAWTRNRCR9AVTMFA1W2Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VBGWS7ZKDP6K05TM9G3G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YUu7PDFHrsWDWEQng1By6AAABK8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7C74
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7C74
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YUu7PDFHrsWDWEQng1By6AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHHcj_ZTyDWN74UsEbw7OaU&google_cver=1&gdpr=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHHcj_ZTyDWN74UsEbw7OaU&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 22 Sep 2021 23:24:44 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHHcj_ZTyDWN74UsEbw7OaU&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
noop
px.owneriq.net/ Frame 7C74
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6856394842015386902&uid=Q6856394842015386902&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B
Image
General
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 7C74
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4307ec3c-db09-48c2-bf06-76aeaa61b3a5&expiration=1663889085
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4307ec3c-db09-48c2-bf06-76aeaa61b3a5&expiration=1663889085
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 22 Sep 2021 23:24:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=4307ec3c-db09-48c2-bf06-76aeaa61b3a5&expiration=1663889085
date
Wed, 22 Sep 2021 23:24:45 GMT
server
Kestrel
content-length
0
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 7C74
85 B
259 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1632353085.800776,VS0,VE92
x-served-by
cache-fra19161-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
461886.gif
idsync.rlcdn.com/ Frame 7C74
0
0
Image
General
Full URL
https://idsync.rlcdn.com/461886.gif?partner_uid=YUu7PDFHrsWDWEQng1By6AAA%261199&&gdpr_consent=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

htw-pixel.gif
js-sec.indexww.com/ht/ Frame 7C74
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YUu7PDFHrsWDWEQng1By6AAA%261199
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1382
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 22 Sep 2021 23:47:46 GMT
setuid
sync.quantumdex.io/ Frame FEF6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ym2eS9hE2uHNM7KHG1jnKHR7.E9wcM32q7l1dB8-~A
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ym2eS9hE2uHNM7KHG1jnKHR7.E9wcM32q7l1dB8-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
692f49dc6c0a4a8c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ym2eS9hE2uHNM7KHG1jnKHR7.E9wcM32q7l1dB8-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame FEF6
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cf49f7aed0b0044759579798
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cf49f7aed0b0044759579798
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
692f49dc5c014a8c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=cf49f7aed0b0044759579798
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame FEF6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-376acdc3-5507-46a4-89e4-19c62868c632-003&rndcb=3434185476
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e330c04b-dea3-4b7e-bf6a-438dd4f0a607&google_hm=ZTMzMGMwNGItZGVhMy00YjdlLWJmNmEtNDM4ZGQ0ZjBh...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEG1_trK-zeNWJzB7eM4nkkQ&google_cver=1&ssp=adconductor&bsw_param=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
  • https://sync.1rx.io/usersync/bidswitch/e330c04b-dea3-4b7e-bf6a-438dd4f0a607?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-376acdc3-5507-46a4-89e4-19c62868c632-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-376acdc3-5507-46a4-89e4-19c6286...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-376acdc3-5507-46a4-89e4-19c62868c632-003
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-376acdc3-5507-46a4-89e4-19c62868c632-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
692f49dcec984a8c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-376acdc3-5507-46a4-89e4-19c62868c632-003
date
Wed, 22 Sep 2021 23:24:44 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX376acdc3550746a489e419c62868c632003
content-type
text/html
setuid
sync.quantumdex.io/ Frame FEF6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7636156164787956838
43 B
106 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7636156164787956838
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
692f49dc3bd24a8c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c843c039-7643-49ef-8686-23cb27f5f01d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7636156164787956838
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame FEF6
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=46bfd5b7-139e-46f5-a8b4-20e8c9e3df44
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=46bfd5b7-139e-46f5-a8b4-20e8c9e3df44
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
692f49dceca14a8c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=46bfd5b7-139e-46f5-a8b4-20e8c9e3df44
date
Wed, 22 Sep 2021 23:24:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
692f49dc5bf24a8c-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame FEF6
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=060d8968-fd4b-4137-9107-abbbd6ab2e42
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=060d8968-fd4b-4137-9107-abbbd6ab2e42
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
692f49dc9c3e4a8c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=060d8968-fd4b-4137-9107-abbbd6ab2e42
date
Wed, 22 Sep 2021 23:24:44 GMT
content-length
0
1.gif
id5-sync.com/c/495/0/0/ Frame FEF6
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.156 , France, ASN16276 (OVH, FR),
Reverse DNS
p07.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 23:24:41 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Wed, 22 Sep 2021 23:24:41 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
us
sync.go.sonobi.com/ Frame FEF6
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame FEF6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7636156164787956838
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7636156164787956838
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
692f49dc3bd34a8c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8b624fb8-8e86-4c83-82be-d75e5f46fdd1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7636156164787956838
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame FEF6
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP453c7018-1bfc-11ec-b823-02d121a62cd4
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP453c7018-1bfc-11ec-b823-02d121a62cd4
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP453c7018-1bfc-11ec-b823-02d121a62cd4
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
692f49dccc784a8c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP453c7018-1bfc-11ec-b823-02d121a62cd4
Connection
keep-alive
Content-Length
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5176
1 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b1b6b2b9feb08819c49aa5970e262efcabc881ddb6535ae1cfc27f03e40d79c

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YUu7PDFHrsWDWEQng1By6AAA; CMPS=5237; CMPRO=1199; CMST=YUu7PGFLuzwA; CMRUM3=08614bbb3c05a00&1f614bbb3c05a00&ee614bbb3c2760&27614bbb3c0b40&58614bbb3c05a0&e6614bbb3c2760&f1614bbb3c05a0&2d614bbb3c05a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|3|4|111|221|152|123
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1466
Expires
Wed, 22 Sep 2021 23:24:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
Connection
keep-alive
Set-Cookie
CMID=YUu7PDFHrsWDWEQng1By6AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 22 Sep 2022 23:24:44 GMT CMPS=5237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 21 Dec 2021 23:24:44 GMT CMPRO=1199;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 21 Dec 2021 23:24:44 GMT CMRUM3=1f614bbb3c05a00&49614bbb3c05a0&2e614bbb3c05a0&04614bbb3c05a0&dd614bbb3c2760&03614bbb3c05a0&08614bbb3c05a00&98614bbb3c05a00&e6614bbb3c2760&ee614bbb3c2760&27614bbb3c0b40&58614bbb3c05a0&6f614bbb3c05a0&f1614bbb3c05a0&7b614bbb3c05a00&2d614bbb3c05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 22 Sep 2022 23:24:44 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D76E
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; PUBMDCID=3; KRTBCOOKIE_57=22776-7636156164787956838; KRTBCOOKIE_153=19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1; KRTBCOOKIE_80=22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc; KRTBCOOKIE_377=6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727; KRTBCOOKIE_27=16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7; KRTBCOOKIE_391=22924-5121012387558385027&KRTB&23263-5121012387558385027; KRTBCOOKIE_336=5844-6377988007333069753; pp=156498; PMDTSHR=cat:; DPSync3=1633478400%3A201_221_226_227_235_197_219%7C1632355200%3A174; KRTBCOOKIE_22=14911-2518706843731342197; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7010903107011868822; SPugT=1632353083; KRTBCOOKIE_466=16530-e330c04b-dea3-4b7e-bf6a-438dd4f0a607; KRTBCOOKIE_218=22978-YUu7OwADldn0ewAR&KRTB&23194-YUu7OwADldn0ewAR&KRTB&23209-YUu7OwADldn0ewAR&KRTB&23244-YUu7OwADldn0ewAR; chkChromeAb67Sec=3; SyncRTB3=1633478400%3A99_161_81_13_21_22_55_3_230_165_231_8_88_189_176_220_234_222_7_71_54_204_166_56%7C1633132800%3A63%7C1632873600%3A223_15_2%7C1634860800%3A203%7C1633564800%3A35; KRTBCOOKIE_409=22966-a9oCQGlL7RfDx96AlSbvXhu8; PugT=1632353084
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=86627
expires
Thu, 23 Sep 2021 23:28:31 GMT
date
Wed, 22 Sep 2021 23:24:44 GMT
vary
Accept-Encoding
Cookie set uc.html
sync.go.sonobi.com/ Frame 694B
43 B
555 B
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YUu7P; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 6046
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
PugMaster
image6.pubmatic.com/AdServer/ Frame D76E
980 B
1 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79474904&p=156498&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
78a50a8e91ef6cb72f2b97237cd71f199b209cead43db8ce1b1c06d129a0951e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
980
content-type
text/html; charset=UTF-8
YUu7PDFHrsWDWEQng1By6AAABK8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5176
43 B
652 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YUu7PDFHrsWDWEQng1By6AAABK8AAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 5176
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame 5176
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3df0614b-bb3a-4400-9cf5-acab53100f8d&gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3df0614b-bb3a-4400-9cf5-acab53100f8d&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 22 Sep 2021 23:24:44 GMT

Redirect headers

Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3df0614b-bb3a-4400-9cf5-acab53100f8d&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 22 Sep 2021 23:24:43 GMT
rum
dsum-sec.casalemedia.com/ Frame 5176
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2518706843731342197
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2518706843731342197
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 22 Sep 2021 23:24:44 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2518706843731342197
pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
match
c1.adform.net/serving/cookie/ Frame 5176
0
330 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tpid=YUu7PDFHrsWDWEQng1By6AAA%261199
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 5176
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YUu7PDFHrsWDWEQng1By6AAA%261199?gdpr_consent=&us_privacy=&gdpr=1
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YUu7PDFHrsWDWEQng1By6AAA%261199?gdpr_consent=&us_privacy=&gdpr=1
49 B
737 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YUu7PDFHrsWDWEQng1By6AAA%261199?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.95
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YUu7PDFHrsWDWEQng1By6AAA%261199?gdpr_consent=&us_privacy=&gdpr=1
cache-control
no-cache
x-server
10.45.14.204
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 5176
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6fd15022-8490-46a7-b109-2f7efe80b185
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6fd15022-8490-46a7-b109-2f7efe80b185
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 22 Sep 2021 23:24:45 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=6fd15022-8490-46a7-b109-2f7efe80b185
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5176
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=NKSuwpdrS0JncvTc5evsKYjzxlU
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=NKSuwpdrS0JncvTc5evsKYjzxlU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 22 Sep 2021 23:24:45 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=NKSuwpdrS0JncvTc5evsKYjzxlU
Date
Wed, 22 Sep 2021 23:24:45 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
setuid
sync.quantumdex.io/ Frame 5176
43 B
95 B
Image
General
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YUu7PDFHrsWDWEQng1By6AAABK8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
692f49dc7c164a8c-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame DD9B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D7absBiISqtshCr1N-La1YjzxlU
42 B
374 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D7absBiISqtshCr1N-La1YjzxlU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D7absBiISqtshCr1N-La1YjzxlU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; PUBMDCID=3; KRTBCOOKIE_57=22776-7636156164787956838; KRTBCOOKIE_153=19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1; KRTBCOOKIE_80=22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc; KRTBCOOKIE_377=6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727; KRTBCOOKIE_27=16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7; KRTBCOOKIE_391=22924-5121012387558385027&KRTB&23263-5121012387558385027; KRTBCOOKIE_336=5844-6377988007333069753; pp=156498; PMDTSHR=cat:; DPSync3=1633478400%3A201_221_226_227_235_197_219%7C1632355200%3A174; KRTBCOOKIE_22=14911-2518706843731342197; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7010903107011868822; SPugT=1632353083; KRTBCOOKIE_466=16530-e330c04b-dea3-4b7e-bf6a-438dd4f0a607; KRTBCOOKIE_218=22978-YUu7OwADldn0ewAR&KRTB&23194-YUu7OwADldn0ewAR&KRTB&23209-YUu7OwADldn0ewAR&KRTB&23244-YUu7OwADldn0ewAR; KRTBCOOKIE_409=22966-a9oCQGlL7RfDx96AlSbvXhu8; PugT=1632353084; chkChromeAb67Sec=4; SyncRTB3=1637452800%3A69%7C1633478400%3A7_13_231_176_55_233_99_161_230_21_165_56_88_71_189_234_81_22_8_104_3_166_204_5_57_220_222_54%7C1634860800%3A203%7C1632873600%3A2_15_223%7C1633564800%3A35%7C1633132800%3A63; KRTBCOOKIE_107=1471-uid:2u4omhjK1MtbBy5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:45 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-D7absBiISqtshCr1N-La1YjzxlU; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 21-Dec-2021 23:24:45 GMT; path=/ PugT=1632353085; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 23:24:45 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 21-Dec-2021 23:24:45 GMT; path=/
x-lat
lhrpug006:0:465
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Wed, 22 Sep 2021 23:24:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D7absBiISqtshCr1N-La1YjzxlU
Set-Cookie
sa-user-id=s%3A0-0fb69bb0-1888-4aab-6c84-2af537e2dad5.6H5%2FmbPRjyhtq1iBOBGx4BYAo8S0JwoC60Lm0A%2F6nVo; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-0fb69bb0-1888-4aab-6c84-2af537e2dad5%24ip%24136.243.198.85.l7lBMs1ssaJVfKNDu4CxrbVVJzmNlxXuKdRVv9PLkro; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 0A46
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2u4omhjK1MtbBy5&gdpr=0&gdpr_consent=
42 B
290 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2u4omhjK1MtbBy5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2u4omhjK1MtbBy5&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; PUBMDCID=3; KRTBCOOKIE_57=22776-7636156164787956838; KRTBCOOKIE_153=19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1; KRTBCOOKIE_80=22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc; KRTBCOOKIE_377=6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727; KRTBCOOKIE_27=16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7; KRTBCOOKIE_391=22924-5121012387558385027&KRTB&23263-5121012387558385027; KRTBCOOKIE_336=5844-6377988007333069753; pp=156498; PMDTSHR=cat:; DPSync3=1633478400%3A201_221_226_227_235_197_219%7C1632355200%3A174; KRTBCOOKIE_22=14911-2518706843731342197; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7010903107011868822; SPugT=1632353083; KRTBCOOKIE_466=16530-e330c04b-dea3-4b7e-bf6a-438dd4f0a607; KRTBCOOKIE_218=22978-YUu7OwADldn0ewAR&KRTB&23194-YUu7OwADldn0ewAR&KRTB&23209-YUu7OwADldn0ewAR&KRTB&23244-YUu7OwADldn0ewAR; KRTBCOOKIE_409=22966-a9oCQGlL7RfDx96AlSbvXhu8; PugT=1632353084; chkChromeAb67Sec=4; SyncRTB3=1637452800%3A69%7C1633478400%3A7_13_231_176_55_233_99_161_230_21_165_56_88_71_189_234_81_22_8_104_3_166_204_5_57_220_222_54%7C1634860800%3A203%7C1632873600%3A2_15_223%7C1633564800%3A35%7C1633132800%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:2u4omhjK1MtbBy5; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 21-Dec-2021 23:24:44 GMT; path=/ PugT=1632353084; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 22-Oct-2021 23:24:44 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 21-Dec-2021 23:24:44 GMT; path=/
x-lat
lhrpug018:0:453
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 22 Sep 2021 23:24:44 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2u4omhjK1MtbBy5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/8a430fa#rel-ec2-master i-0f1a9d8b7eed06fb2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=2u4omhjK1MtbBy5; Domain=.w55c.net; Expires=Sat, 22-Oct-2022 23:24:44 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Fri, 22-Oct-2021 23:24:44 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync
match.bnmla.com/ Frame 16E9
0
114 B
Document
General
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 22 Sep 2021 23:24:45 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 6D88
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A8C392066AB6478785FFF212652982AF
1 B
69 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A8C392066AB6478785FFF212652982AF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A8C392066AB6478785FFF212652982AF
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; PUBMDCID=3; KRTBCOOKIE_57=22776-7636156164787956838; KRTBCOOKIE_153=19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1; KRTBCOOKIE_80=22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc; KRTBCOOKIE_377=6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727; KRTBCOOKIE_27=16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7; KRTBCOOKIE_391=22924-5121012387558385027&KRTB&23263-5121012387558385027; KRTBCOOKIE_336=5844-6377988007333069753; pp=156498; PMDTSHR=cat:; DPSync3=1633478400%3A201_221_226_227_235_197_219%7C1632355200%3A174; KRTBCOOKIE_22=14911-2518706843731342197; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7010903107011868822; SPugT=1632353083; KRTBCOOKIE_466=16530-e330c04b-dea3-4b7e-bf6a-438dd4f0a607; KRTBCOOKIE_218=22978-YUu7OwADldn0ewAR&KRTB&23194-YUu7OwADldn0ewAR&KRTB&23209-YUu7OwADldn0ewAR&KRTB&23244-YUu7OwADldn0ewAR; KRTBCOOKIE_409=22966-a9oCQGlL7RfDx96AlSbvXhu8; PugT=1632353084; chkChromeAb67Sec=4; SyncRTB3=1637452800%3A69%7C1633478400%3A7_13_231_176_55_233_99_161_230_21_165_56_88_71_189_234_81_22_8_104_3_166_204_5_57_220_222_54%7C1634860800%3A203%7C1632873600%3A2_15_223%7C1633564800%3A35%7C1633132800%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 21-Dec-2021 23:24:44 GMT; path=/
x-lat
lhrpug015:0:377
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 22 Sep 2021 23:24:44 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A8C392066AB6478785FFF212652982AF
expires
Tue, 21 Sep 2021 23:24:44 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
setuid
sync.quantumdex.io/ Frame AAEA
43 B
118 B
Document
General
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=453853BE-622D-4C70-AEBC-AD98526478D1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/setuid?bidder=pubmatic&uid=453853BE-622D-4C70-AEBC-AD98526478D1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
uid=a4d96b2c-e3af-4af1-83f0-764b60049336
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
content-type
image/gif
content-length
43
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
692f49dc9c3a4a8c-FRA
Pug
simage2.pubmatic.com/AdServer/ Frame D76E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=45744966-1bfc-11ec-98c4-1112683929aa&gdpr=0&gdpr_consent=
1 B
215 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=45744966-1bfc-11ec-98c4-1112683929aa&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:503
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=45744966-1bfc-11ec-98c4-1112683929aa&gdpr=0&gdpr_consent=
Date
Wed, 22 Sep 2021 23:24:44 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
45744967-1bfc-11ec-98c4-1112683929aa
1
serving.stat-rock.com/v1/log/js/
35 B
162 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632353084514.196&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Ffrancecoil85&t=679&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.5840636548437903
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:44 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/
35 B
162 B
Image
General
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1632353084514.196&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Ffrancecoil85&t=680&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.5949566450896187
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ask.fm/
Origin
https://ask.fm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:44 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
match
ads.betweendigital.com/ Frame B91A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk30b3deb7-33ac-4f8c-bc1f-1ee58c550adc&expires=7&user_group=5&ssp=between&bsw_param=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=e330c04b-dea3-4b7e-bf6a-438dd4f0a607
date
Wed, 22 Sep 2021 23:24:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ad
v.lkqd.net/ Frame B303
2 KB
2 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=47647588&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
16a0a337aa0948de6ab461a2f2d54e129e5750f2a5dc9a90560f4fcf0978ef9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1358
48953915
mc.yandex.com/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=603935308&page-url=https%3A%2F%2Fask.fm%2Ffrancecoil85&rn=272631847&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632353085%3Aw%3A1600x1200%3Av%3A644%3Az%3A0%3Ai%3A20210922232445%3Au%3A1632353080310271983%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632353085
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ask.fm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:45 GMT
last-modified
Wed, 22-Sep-2021 23:24:45 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ask.fm
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 22-Sep-2021 23:24:45 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame 6FA3
230 KB
61 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1632353085.cds056.fr8.hn,1632353085.cds107.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame 72B2
4 KB
2 KB
Document
General
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
content-length
1868
content-type
text/html
last-modified
Thu, 29 Jul 2021 21:50:27 GMT
accept-ranges
bytes
etag
"81f08e6987a7c8675462207e3514d72e"
cache-control
public, max-age=1209600
x-hw
1632353085.cds056.fr8.hn,1632353085.cds226.fr8.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=47647588&m=&rtv=1&thost=ask.fm
Protocol
H2
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:45 GMT
content-length
0
access-control-allow-origin
https://ask.fm
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 6FA3
122 KB
7 KB
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=1148642&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C54345%2C1%2C&c5=&c6=54345&rnd=47647588&m=&rtv=1&thost=ask.fm
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.61 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e1beb0870393589f1f1508599939202caee7d904ee7d8b0cd620f2fa4612f3ea

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
7397
cs
cs.lkqd.net/ Frame 72B2
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_cm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 72B2
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 72B2
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 72B2
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 72B2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
43 B
308 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.160 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2518706843731342197
pragma
no-cache
date
Wed, 22 Sep 2021 23:24:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
t
t.lkqd.net/ Frame 3914
0
158 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ask.fm
date
Wed, 22 Sep 2021 23:24:45 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:45 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
fe1dafd4982a309e
an.yandex.ru/setud/adsniper/ Frame B91A
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=453c55be-1bfc-11ec-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=453c55be-1bfc-11ec-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=PnH0LS5CiWZEC6ONmwVlMA&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=PnH0LS5CiWZEC6ONmwVlMA&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=PnH0LS5CiWZEC6ONmwVlMA&extra2=aidata&google_gid=CAESELXLyTDX1-tsZJMBUgLvRdQ&google_cver=1
  • https://sync.bumlam.com/?src=ggl&extra1=PnH0LS5CiWZEC6ONmwVlMA&extra2=aidata&google_gid=CAESELXLyTDX1-tsZJMBUgLvRdQ&google_cver=1
  • https://an.yandex.ru/setud/adsniper/fe1dafd4982a309e?sign=3279833605
0
0

/
adx.adform.net/adx/
65 B
734 B
XHR
General
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fask.fm%2Ffrancecoil85
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1985563784&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1985563784&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&s...
249 B
529 B
XHR
General
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1985563784&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=9a7daa03-3f90-42c2-85a9-e941c9f77f00&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0NS40OTY4MjY6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPTlhN2RhYTAzLTNmOTAtNDJjMi04NWE5LWU5NDFjOWY3N2YwMA==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1985563784&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=9a7daa03-3f90-42c2-85a9-e941c9f77f00&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0NS40OTY4MjY6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPTlhN2RhYTAzLTNmOTAtNDJjMi04NWE5LWU5NDFjOWY3N2YwMA==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1184215378&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&p...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1184215378&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.he...
249 B
529 B
XHR
General
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1184215378&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=766d7f3d-a40c-495b-bfb0-40813e2c0719&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0NS4zNzUwMDA6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPTc2NmQ3ZjNkLWE0MGMtNDk1Yi1iZmIwLTQwODEzZTJjMDcxOQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1184215378&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=766d7f3d-a40c-495b-bfb0-40813e2c0719&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0NS4zNzUwMDA6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPTc2NmQ3ZjNkLWE0MGMtNDk1Yi1iZmIwLTQwODEzZTJjMDcxOQ==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
av
vidoomy-d.openx.net/v/1.0/
48 B
251 B
XHR
General
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=2018459150&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C53672732835792950551027339630,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ask.fm
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/
65 B
734 B
XHR
General
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
content-length
173
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1530863467&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1530863467&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&s...
249 B
529 B
XHR
General
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1530863467&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=3306de59-3a99-458d-8dfc-d571df1b19b7&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0Ny4zMzQ5NjE6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPTMzMDZkZTU5LTNhOTktNDU4ZC04ZGZjLWQ1NzFkZjFiMTliNw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1530863467&gdpr=0&gdpr_consent=&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=3306de59-3a99-458d-8dfc-d571df1b19b7&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0Ny4zMzQ5NjE6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPTMzMDZkZTU5LTNhOTktNDU4ZC04ZGZjLWQ1NzFkZjFiMTliNw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=26848116&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi....
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=26848116&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.heig...
249 B
529 B
XHR
General
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=26848116&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=8aac3a0a-786b-4233-915c-9c0594160313&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0Ny42MDgxNTQ6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPThhYWMzYTBhLTc4NmItNDIzMy05MTVjLTljMDU5NDE2MDMxMw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=26848116&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=8aac3a0a-786b-4233-915c-9c0594160313&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU0Ny42MDgxNTQ6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPThhYWMzYTBhLTc4NmItNDIzMy05MTVjLTljMDU5NDE2MDMxMw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
711 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C53672732835792950551209327082,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632353085161071-356
Expires
Wed, 22 Sep 2021 23:24:45 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C14299229385367273283579295055,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3fcd00a6cdcdabc4f27199f1f810901f0ae627b7a357e4d00159619227388b9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632353085012057-508
Expires
Wed, 22 Sep 2021 23:24:45 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C53672732835792950551107857426%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ab602371580e173117754efb55e7dbe2e545b34208b36d4fe88c12929c222a05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1192
x-sticky-vk
1632353084730085-516
Expires
Wed, 22 Sep 2021 23:24:45 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C5367273283579295055900068866%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
13ca345cb1bb431435c40d5ed2246aa21f75f555cb2b182744d34a1bc5d6616d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1632353085029076-427
Expires
Wed, 22 Sep 2021 23:24:45 GMT
vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX
ads.adaptv.advertising.com/a/h/
2 KB
1 KB
XHR
General
Full URL
https://ads.adaptv.advertising.com/a/h/vg8w_5FE244+r7CJB_4mkZ3_YehF4CBX?cb=1154955454&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-240-81.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
dca67c5a0abe9dc76c3e187e2cf023f27edf493bc68d6c64518108e16c891ef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
server
adaptv/1.0
content-type
text/xml
access-control-allow-origin
https://ask.fm
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
908
expires
0
7585793
ads.stickyadstv.com/vast/vpaid-adapter/
1 KB
2 KB
XHR
General
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C18930168775367273283579295055,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ec28c2abdd3c66221d33278c00dcad36a34c0058b4f49b36efee783ce006fcd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1632353084829075-598
Expires
Wed, 22 Sep 2021 23:24:45 GMT
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1211625530&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&p...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1211625530&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.he...
249 B
529 B
XHR
General
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1211625530&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=a133a4e7-465e-48c6-abdf-0a1f29c79316&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU1Mi42MDcxNzg6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPWExMzNhNGU3LTQ2NWUtNDhjNi1hYmRmLTBhMWYyOWM3OTMxNg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.143 -, , ASN (),
Reverse DNS
Software
ATS/7.1.2.138 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ask.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
server
ATS/7.1.2.138
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://ask.fm
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1211625530&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fask.fm%2Ffrancecoil85&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=54345&hp=1&a.y_rid=a133a4e7-465e-48c6-abdf-0a1f29c79316&a.is_yahoo=3&redirect_y=dHM9MTYzMjM1MzA4NTU1Mi42MDcxNzg6YXBpZD1VUDQ1M2M3MDE4LTFiZmMtMTFlYy1iODIzLTAyZDEyMWE2MmNkNDpyZXF1ZXN0X2lkPWExMzNhNGU3LTQ2NWUtNDhjNi1hYmRmLTBhMWYyOWM3OTMxNg==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
t
t.lkqd.net/ Frame
0
0
Preflight
General
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.73 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ask.fm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 22 Sep 2021 23:24:45 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://ask.fm
t
t.lkqd.net/ Frame 3914
0
0

truncated
/ Frame 6FA3
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_68c68ea6.js
vpaid.springserve.com/production/ Frame 6F7A
491 KB
87 KB
Script
General
Full URL
https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f600:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 17:36:21 GMT
content-encoding
br
last-modified
Wed, 22 Sep 2021 17:34:44 GMT
server
AmazonS3
age
20905
etag
W/"c41b3f31e617ac05abbd6b79785bd64a"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
zfoeNwOAaYBLOcD34gN9gi9wnsz-_KCEJ_-GNzXk8FmIkum4ZCnnzw==
async_usersync
ib.adnxs.com/ Frame 97B3
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ab0c2e05-b991-4aed-b73e-eb709780ee27
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D71C
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f21da37f-96a9-464d-b98c-115487cbe293
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6F7A
19 B
845 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ec855dbd-a745-42a3-81b4-04d1971d01fe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 6F7A
0
207 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.240.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-240-81.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ask.fm
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ Frame 6F7A
19 B
845 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
49741d3c-1123-4839-9545-ae38671b9849
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6F7A
19 B
845 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d973db08-86d4-448a-bdbe-2fefe61c1bc6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6F7A
19 B
845 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
X-Proxy-Origin
136.243.198.85; 136.243.198.85; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
157d7b87-a644-4588-9f72-61b12ef213d9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 6F7A
67 B
711 B
XHR
General
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&playerSize=400x225&loc=https%3A%2F%2Fask.fm%2Ffrancecoil85&_fw_gdpr=&_fw_gdpr_consent=&cb=1632353085452&width=400&height=225&dnt=&ip=146.20.128.43&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&schain=1.0,1!vidoomy.com,54345,1,1632353085452,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 23:24:45 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://ask.fm
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1632353085357062-415
Expires
Wed, 22 Sep 2021 23:24:45 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 6F7A
962 B
842 B
XHR
General
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353085452,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_68c68ea6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
65338ce842a28a0513659a07c0f208bc893a685164fa834d83d42a214451a64b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5c92d699e808f"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://ask.fm
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
590
expires
Wed, 22 Sep 2021 23:24:45 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 4644
152 KB
36 KB
Script
General
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353085452,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 05:02:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-25f9a-5c92d699d3c58"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36260
showad.js
ads.pubmatic.com/AdServer/js/ Frame 07E8
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353085452,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=453853BE-622D-4C70-AEBC-AD98526478D1; PUBMDCID=3; KRTBCOOKIE_57=22776-7636156164787956838; KRTBCOOKIE_153=19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1; KRTBCOOKIE_80=22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc; KRTBCOOKIE_377=6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727; KRTBCOOKIE_27=16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7; KRTBCOOKIE_391=22924-5121012387558385027&KRTB&23263-5121012387558385027; KRTBCOOKIE_336=5844-6377988007333069753; pp=156498; PMDTSHR=cat:; DPSync3=1633478400%3A201_221_226_227_235_197_219%7C1632355200%3A174; KRTBCOOKIE_22=14911-2518706843731342197; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1101=23040-7010903107011868822; SPugT=1632353083; KRTBCOOKIE_466=16530-e330c04b-dea3-4b7e-bf6a-438dd4f0a607; KRTBCOOKIE_218=22978-YUu7OwADldn0ewAR&KRTB&23194-YUu7OwADldn0ewAR&KRTB&23209-YUu7OwADldn0ewAR&KRTB&23244-YUu7OwADldn0ewAR; KRTBCOOKIE_409=22966-a9oCQGlL7RfDx96AlSbvXhu8; KCCH=YES; chkChromeAb67Sec=4; SyncRTB3=1637452800%3A69%7C1633478400%3A7_13_231_176_55_233_99_161_230_21_165_56_88_71_189_234_81_22_8_104_3_166_204_5_57_220_222_54%7C1634860800%3A203%7C1632873600%3A2_15_223%7C1633564800%3A35%7C1633132800%3A63; KRTBCOOKIE_107=1471-uid:2u4omhjK1MtbBy5; KRTBCOOKIE_860=16335-D7absBiISqtshCr1N-La1YjzxlU; PugT=1632353085; KRTBCOOKIE_279=22890-45744966-1bfc-11ec-98c4-1112683929aa&KRTB&23011-45744966-1bfc-11ec-98c4-1112683929aa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=164486
expires
Fri, 24 Sep 2021 21:06:11 GMT
date
Wed, 22 Sep 2021 23:24:45 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4644
38 KB
14 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fask.fm%2Ffrancecoil85&schain=1.0,1!vidoomy.com,54345,1,1632353085452,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 23:24:45 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:07:52 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-974e-5c4c7cb53d8cb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=164486
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13946
expires
Fri, 24 Sep 2021 21:06:11 GMT
t
t.lkqd.net/ Frame 3914
0
0

t
t.lkqd.net/ Frame
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
i.connectad.io
URL
https://i.connectad.io/api/v2
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
loada.exelator.com
URL
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
Domain
an.yandex.ru
URL
https://an.yandex.ru/setud/adsniper/fe1dafd4982a309e?sign=3279833605
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
t.lkqd.net
URL
https://t.lkqd.net/t

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforexrselect boolean| originAgentCluster function| logError function| $ function| jQuery function| PerfectScrollbar object| Turbolinks function| Cursores object| Utils object| Events object| Browser object| Turbolinkz function| Actions object| Ajax object| Mutex function| Pages object| AjaxUI object| ScrollBar object| AnswerCard object| ProfileTabCounters object| ThreadCounters object| Pager object| Config object| Answers undefined| AskfmAd undefined| Atcomplete undefined| Autofocus object| Flash object| Uploads object| Avatar object| Background object| Form object| Button object| Captcha function| Recaptcha2onLoad object| Checkbox object| ConfirmDialog function| Log object| PositionFixedFocus object| FacebookSharing object| Lightbox object| Yandex object| TrackingGoals object| FormXHR object| Gdpr object| GoogleAnalytics undefined| HoverToActive object| LoginCheck object| MassAsk object| Media object| Notifications object| Offers undefined| Optad360 object| PhotoAnswer object| Photopoll object| PopupCallback object| Pymk object| Pyml object| Questions object| SecretAnswers undefined| ServiceWorkerRemoval object| Stream undefined| Tagcomplete object| Toggle object| Tracking undefined| Viads object| Viewport function| admiral object| googletag string| esSdk function| es function| ym function| 4dm1r11545242527 object| __es_sdk string| f object| Ya object| yaCounter48953915 function| eHost string| va string| vb string| vc string| vd string| ve string| vf string| vg string| vh string| vi string| vj string| vk string| vl string| vm string| vn string| url function| loadVidPlayers function| __tcfapi_8928924878912 object| lkqdSettings object| vpaidLoader function| fbAsyncInit object| dataLayer object| lkqd object| mobile_blocked_mfs function| lkqd_http_response object| google_tag_manager object| FB object| google_tag_data string| GoogleAnalyticsObject function| ga object| AdSlotCollection object| regeneratorRuntime object| pbjs325474 object| gaplugins object| gaGlobal object| gaData object| __oa360ScriptsState boolean| __isGoogleAllowed function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| sas object| apntag object| _ADAGIO function| AdPlayerPro object| DMVAST function| playerPro

143 Cookies

Domain/Path Name / Value
ask.fm/ Name: locale
Value: de
ask.fm/ Name: uuid
Value: 32c41fc8-bdf5-4dd5-8592-9237e7aa5f39
ask.fm/ Name: country
Value: DE
.ask.fm/ Name: _ym_uid
Value: 1632353080310271983
.ask.fm/ Name: _ym_d
Value: 1632353080
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2587316942fake
.ask.fm/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1574428467fake
.yandex.com/ Name: yandexuid
Value: 702182571632353080
.yandex.com/ Name: yuidss
Value: 702182571632353080
mc.yandex.com/ Name: yabs-sid
Value: 1996319591632353080
.yandex.com/ Name: i
Value: nD0TNNZGrNQU6JRwIAL0+7bIFDcnlHJBxaOPTt+l2vxm+oNxVoXkxu1gv4qCKWzEYuljBBZny2Ngzsovt/OQfMGocOo=
.yandex.com/ Name: ymex
Value: 1663889080.yrts.1632353080#1663889080.yrtsi.1632353080
.bidswitch.net/ Name: tuuid
Value: e330c04b-dea3-4b7e-bf6a-438dd4f0a607
.bidswitch.net/ Name: c
Value: 1632353080
.bidswitch.net/ Name: tuuid_lu
Value: 1632353080
.ask.fm/ Name: _ym_visorc
Value: w
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_5a70c2eb-e98b-4260-b67b-785e24f71eeb
ads.stickyadstv.com/ Name: UID
Value: 22dc47a085e6588a2be726b239935b6a
ads.stickyadstv.com/ Name: sessionId
Value: 4762d07d42e1bdb7c8464f076cdedef
.adsrvr.org/ Name: TDID
Value: 19e8b32c-8184-4af2-85b7-bc7580dd7727
.turn.com/ Name: uid
Value: 2518706843731342197
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-376acdc3-5507-46a4-89e4-19c62868c632-003%22%7D
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJuby1jb25zZW50IiwiZXhwaXJlcyI6MTYzNDk0NTA4MH0sIlVOIjp7InVpZCI6IlJYLTM3NmFjZGMzLTU1MDctNDZhNC04OWU0LTE5YzYyODY4YzYzMi0wMDMiLCJleHBpcmVzIjoxNjM0OTQ1MDgwfX19
.ask.fm/ Name: _awl
Value: 2.1632353081.0.4-2bd826b9-2f1896cc1d071bd3729b8e886e516ead-6763652d6575726f70652d7765737431-614bbb39-0
.ask.fm/ Name: _ga
Value: GA1.2.781557306.1632353081
.ask.fm/ Name: _gid
Value: GA1.2.1341908820.1632353081
.ask.fm/ Name: _gat_UA-12308109-15
Value: 1
ask.fm/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.quantumdex.io/ Name: uid
Value: a4d96b2c-e3af-4af1-83f0-764b60049336
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: 3ace5b13-1f9d-510a-ada6-7ea4ccedc59d
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
ask.fm/ Name: cto_bidid
Value: LngGWF91TTN4Z1RncDRrNDRONjl0RzAwbmd5WVFHSllmc2J3aDQwZSUyQjg2MFkwbHVkcW1SbGpCN1pSJTJGTnBDSGd6ak5SVXVjYWw1N1hGblV6eDV0V2pUTmxsWGclM0QlM0Q
ask.fm/ Name: cto_bundle
Value: 2X8AGl9jRlVyYXc4QlI2bTJBVnlWazhlYVlSTENvMWhQUHVlRjFuWER4bG03TlhtM1dIVVNaJTJCMVA4VE1TNElPQlQzMWRBJTJCbHNxRXJUWCUyQmkzQ3RoMiUyRktPaUhKdmlmRUljZ0Nrbk5IeDQ1cDlRc3hnJTNE
.openx.net/ Name: i
Value: ee843b97-518e-072e-001e-3410d31776a8|1632353081
.openx.net/ Name: v
Value: 1
.openx.net/ Name: pd
Value: v2|1632353081|gu
ads.stickyadstv.com/ Name: pxId
Value: 7169
.spotxchange.com/ Name: audience
Value: 4350e395-1bfc-11ec-932d-125b01370006
.adnxs.com/ Name: uuid2
Value: 7636156164787956838
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 453853BE-622D-4C70-AEBC-AD98526478D1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi87qSCxor_ORAFGAEgASgCMgsIvOanr9yK_zkQBTgBWghwdWJtYXRpY2AC
.doubleclick.net/ Name: IDE
Value: AHWqTUl644QGaIiYWGFsR-mqbaCZsTcq8T6mJjhDwPePws1W5MSaiMKgQC6tuCb8jFA
.simpli.fi/ Name: suid
Value: A8C392066AB6478785FFF212652982AF
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: mc
Value: 614bbb3a-4811b-9be73-a02e6
.de17a.com/ Name: guid2
Value: 1.6377988007333069753
.adform.net/ Name: uid
Value: 6541243606412439021
.mathtag.com/ Name: uuid
Value: 3df0614b-bb3a-4400-9cf5-acab53100f8d
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7636156164787956838
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1&KRTB&22979-CqjSwF771cMRrd6TDfvLm1780ZER-NaQWa_WUhU1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&16514-CAESEJH7b30vTh0uCVEX7_hqgZc&KRTB&23025-CAESEJH7b30vTh0uCVEX7_hqgZc
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&22918-19e8b32c-8184-4af2-85b7-bc7580dd7727&KRTB&23031-19e8b32c-8184-4af2-85b7-bc7580dd7727
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&16736-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23019-uid:230b614b-bb39-4300-b04d-1511c93daab7&KRTB&23114-uid:230b614b-bb39-4300-b04d-1511c93daab7
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5121012387558385027&KRTB&23263-5121012387558385027
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6377988007333069753
.onaudience.com/ Name: cookie
Value: f764190189b85588
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.pubmatic.com/ Name: DPSync3
Value: 1633478400%3A201_221_226_227_235_197_219%7C1632355200%3A174
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2518706843731342197
.adfarm1.adition.com/ Name: UserID1
Value: 7010903107011868822
.fiftyt.com/ Name: fifid
Value: 7663343b-6e2c-494e-6fcb-35313544c530
.fiftyt.com/ Name: cs
Value: MTYzMjM1MzA4M3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fBWNHrnDTso-lLAcP7FFFCELnOp89Q35zWo6wEQqU9MU
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.zeotap.com/ Name: zc
Value: c62df778-f9a7-40b3-6797-ffbc10ff4286
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7010903107011868822
.fiftyt.com/ Name: fppm
Value: 20210922232443
.adsby.bidtheatre.com/ Name: __kuid
Value: 8adb45b7-4333-46c1-98a0-198a286cc8fc.401567083
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjA3NTe2NDCytDA1MDAwMTA2EuIz1K0MDPVJ9kky8y7KKpLiNTQzNjI2NTawMDY2tgQA8u7UfzMAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjA3NTe2NDCytDA1MDAwMTA2EuIz1K0MDPVJ9kky8y7KKgIA7Z4o6CQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFwmtoZmxkbGpsYGFsbGwJAAuh1SsQAAAA
.semasio.net/ Name: SEUNCY
Value: 2E22BB2D07F089A8
.pubmatic.com/ Name: SPugT
Value: 1632353083
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e330c04b-dea3-4b7e-bf6a-438dd4f0a607
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YUu7OwADldn0ewAR
.bidr.io/ Name: bito
Value: AACHc07Cl3YAAAhXkwtRRw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YUu7OwADldn0ewAR&KRTB&23194-YUu7OwADldn0ewAR&KRTB&23209-YUu7OwADldn0ewAR&KRTB&23244-YUu7OwADldn0ewAR
.audrte.com/ Name: arcki2_TT
Value: 1632353083522!l27CPBHGRmZQ7S1CHOQVtJTJQ!6c6fe68e-4096-4245-a5f4-4f251c100ba4#8c18f31c-d6a3-3670-9b64-dcc3857627f0#5033f715-ed6f-4763-b090-a4be6892a848#ebc162fc-eb0a-31b9-b470-a9d4292c4a18#6da957d6-4fb5-4902-a54f-0f351afffd5b!pubmatic
.audrte.com/ Name: arcki2
Value: l27CPBHGRmZQ7S1CHOQVtJTJQ!20210804!1632353083629
.quantserve.com/ Name: d
Value: EOQBEgGnJPijD9r7EA
.taboola.com/ Name: t_gid
Value: 04bcb178-9cdd-4520-a8ea-d4849b09b8df-tuct84540bc
.erne.co/ Name: u
Value: a9oCQGlL7RfDx96AlSbvXhu8
ads.playground.xyz/ Name: connect.sid
Value: s%3AtxMKLM2WBjlYZh64lTIprwi71ym6w8HX.328Ak5KdxzQnqBXXE7eXxuLpbXI7LFUQutBxvosNxXU
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-a9oCQGlL7RfDx96AlSbvXhu8
.tribalfusion.com/ Name: ANON_ID
Value: aVnseFpyXagbqiVREFmMRM9Zc7YtiHguqFF4sY6ncywxrQgMd3hMk834wiIOSpdZcE8Ma3rqUZcrt1tM9ekfI5b
.casalemedia.com/ Name: CMID
Value: YUu7PDFHrsWDWEQng1By6AAA
.casalemedia.com/ Name: CMPS
Value: 5237
.casalemedia.com/ Name: CMPRO
Value: 1199
.lijit.com/ Name: ljt_reader
Value: cf49f7aed0b0044759579798
.yahoo.com/ Name: A3
Value: d=AQABBDu7S2ECEOUp8kbiRMRxrEArfyGdV44FEgEBAQEMTWFVYQAAAAAA_eMAAA&S=AQAAAtS5nfEN5B3hfGrELjcGwf0
.owneriq.net/ Name: si
Value: Q6856394842015386902
.owneriq.net/ Name: p2
Value: cc
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: SyncRTB3
Value: 1637452800%3A69%7C1633478400%3A7_13_231_176_55_233_99_161_230_21_165_56_88_71_189_234_81_22_8_104_3_166_204_5_57_220_222_54%7C1634860800%3A203%7C1632873600%3A2_15_223%7C1633564800%3A35%7C1633132800%3A63
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.sharethrough.com/ Name: stx_user_id
Value: 060d8968-fd4b-4137-9107-abbbd6ab2e42
.adsniper.ru/ Name: uuid3
Value: IiQ0NTNjNTViZS0xYmZjLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.id5-sync.com/ Name: id5
Value: 9b21d52c-a96b-49b0-9580-3ed2b84ab446#1632353081307#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.advertising.com/ Name: APID
Value: UP453c7018-1bfc-11ec-b823-02d121a62cd4
.adhigh.net/ Name: gi_u
Value: Mml1rvnRJE8.AikABlF8D9Nlzg
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-376acdc3-5507-46a4-89e4-19c62868c632-003%22%7D
.bumlam.com/ Name: suuid3
Value: IiQ0NTNjNTViZS0xYmZjLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~20jz:192w~20jz:192x~20jz"
.yahoo.com/ Name: APID
Value: UP453c7018-1bfc-11ec-b823-02d121a62cd4
.yahoo.com/ Name: APIDTS
Value: 1632353084
.adhigh.net/ Name: btw_sync
Value: IcG
ms.quantumdex.io/ Name: qdsp_uid
Value: 46bfd5b7-139e-46f5-a8b4-20e8c9e3df44
ask.fm/ Name: _m_ask_fm_session
Value: ellRT1NBR0pLT1lDVUxtVWJmVFFwRCs4OVNqeWp0QmNDaEV2Y1Uzd2xITjUwakNQQmZraVBTVW5SbTM2R0dNcURiUERuOG1Gbmh6NFFwRDJuZC9UN0o1b3lvMVZWeDVDRDVnZy9GQ0ZMT2ltb0Y2Zzd4Y0pRdW8vNmE2RVlBVDJvU25SaUtxZGpPV2pNNjljNUJzZE4wZitWaTlIYlU5azE1Y0pKakEvNnZ6QURoaXJwRkZIdmhYOWJtamx0L1NNU293a1hXVUMxQ0NuWWtkaFVwTXp0M0ZjeXBhdXFjM25FVTJZamIrYUpyYkpXRWhGZDNUR0lKMlB6WGRyY0M4ei0tak9YdE42ZFc5NlBXQ0VYSzFKcEFBQT09--5fdc1142c72ebc816536a26fec91cdb66b0958af
.w55c.net/ Name: wfivefivec
Value: 2u4omhjK1MtbBy5
.w55c.net/ Name: matchpubmatic
Value: 5
.creative-serving.com/ Name: tuuid
Value: 05865562-f166-4d74-b724-1e510ee18879
.creative-serving.com/ Name: c
Value: 1632353084
.creative-serving.com/ Name: tuuid_lu
Value: 1632353084
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:2u4omhjK1MtbBy5
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 29c4d69c2d0b0d08a9b0f7ff2449e0f4
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMLJMNkkxs0w2SjFIMkgxsEi0TDJIM09LMzIxsUw1SDNhAIJE7922IBoKAFomCrg%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI9N5tC6SgAAAUkgGl"
.betweendigital.com/ Name: ut
Value: YUu7PQAAWdgyykLjGMdGkeeJtIQH-cqGmpabcQ==
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 4307ec3c-db09-48c2-bf06-76aeaa61b3a5
beacon.lynx.cognitivlabs.com/ Name: ss
Value: WyLbjcP7Wmr4D4fFylkZbWiMyryUG7T%2Bfsb6dqbXP%2FYimZ9OOY10GHfqciox9sLCR68CFHsJtbifUszfmRhQPQ%3D%3D
.casalemedia.com/ Name: CMST
Value: YUu7PGFLuz0A
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-34a4aec2-976b-4b42-6772-f4dce5ebec29.uvUa4F6yPK8FBk9yu1CgGDOJXyv1uliT1SKXPRZXxJo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-34a4aec2-976b-4b42-6772-f4dce5ebec29%24ip%24136.243.198.85.etaTuY1DlMVjDaTNirMjL%2BXxns8BKQaUtNynBqy0wO4
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-D7absBiISqtshCr1N-La1YjzxlU
.pubmatic.com/ Name: PugT
Value: 1632353085
.ipredictive.com/ Name: cu
Value: 45744966-1bfc-11ec-98c4-1112683929aa|1632353085260
.casalemedia.com/ Name: CMRUM3
Value: 04614bbb3c27602518706843731342197&dd614bbb3c2760&03614bbb3c05a0&1f614bbb3c05a00&49614bbb3c05a0&2e614bbb3c05a0&6f614bbb3c05a0&f1614bbb3c05a0&7b614bbb3d2760NKSuwpdrS0JncvTc5evsKYjzxlU&2d614bbb3c2760CAESEHHcj_ZTyDWN74UsEbw7OaU&08614bbb3d27604307ec3c-db09-48c2-bf06-76aeaa61b3a5&98614bbb3d27606fd15022-8490-46a7-b109-2f7efe80b185&e6614bbb3c2760&ee614bbb3c2760&27614bbb3c0b40&58614bbb3c05a0
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-45744966-1bfc-11ec-98c4-1112683929aa&KRTB&23011-45744966-1bfc-11ec-98c4-1112683929aa
event.clientgear.com/ Name: mkuuid
Value: mk30b3deb7-33ac-4f8c-bc1f-1ee58c550adc

14 Console Messages

Source Level URL
Text
network error URL: https://ask.fm/francecoil85
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9404._fozvwKigEs6A9TfWYJsshu78BZ0hsz_wJQE1dhptiMhrdPNoJGLpexs5nVqnkH91Tvmb6dHbBRUrZIpuihXKA%2C%2C.-4TC2aOwKQ68e416m5clAhikfCs%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://ask.fm/francecoil85
Message:
Access to XMLHttpRequest at 'https://i.connectad.io/api/v2' from origin 'https://ask.fm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://i.connectad.io/api/v2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ask.fm/francecoil85
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fask.fm%2Ffrancecoil85&cb=642062698&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C54345%2C1%2C8227901967654445023453366442,,') from origin 'https://ask.fm' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ask.fm/francecoil85
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://cdn.connectad.io/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://idsync.rlcdn.com/461886.gif?partner_uid=YUu7PDFHrsWDWEQng1By6AAA%261199&&gdpr_consent=&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ask.fm/francecoil85
Message:
Failed to load resource: the server responded with a status of 410 (Gone)
network error URL: https://an.yandex.ru/setud/adsniper/fe1dafd4982a309e?redir-setuniq=1&sign=3279833605
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a.vidoomy.com
acdn.adnxs.com
ad.lkqd.net
ad.turn.com
ad4m.at
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adx.adform.net
aktrack.pubmatic.com
an.yandex.ru
ap.lijit.com
ask.fm
aud.pubmatic.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
c1.adform.net
cache.betweendigital.com
cdn.connectad.io
cdn.jsdelivr.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.optad360.io
colossalcoat.com
connect.facebook.net
cs.lkqd.net
csync.loopme.me
d16vsmxl4d5tw1.cloudfront.net
d3r6ceqp4shltl.cloudfront.net
d5p.de17a.com
dbq8hrmshvuto.cloudfront.net
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
esputnik.com
event.clientgear.com
get.optad360.io
green.erne.co
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mc.yandex.com
mc.yandex.ru
ms.quantumdex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.adhigh.net
px.owneriq.net
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
script.4dex.io
search.spotxchange.com
secure.adnxs.com
serving.stat-rock.com
simage2.pubmatic.com
sonata-notifications.taptapnetworks.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync3.adsniper.ru
t.lkqd.net
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
v.lkqd.net
vid-io-cle.springserve.com
vid.pubmatic.com
vidoomy-d.openx.net
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
an.yandex.ru
cm.g.doubleclick.net
i.connectad.io
loada.exelator.com
t.lkqd.net
104.111.242.53
142.250.185.194
144.76.120.254
146.20.128.160
146.20.128.61
146.20.132.73
147.75.38.124
151.101.193.44
151.101.66.49
151.139.128.11
151.236.71.146
159.253.128.183
162.55.6.212
169.197.150.8
173.231.180.197
178.162.133.149
178.250.0.157
178.250.2.151
178.62.202.251
18.156.0.31
18.159.240.81
18.184.95.242
18.194.125.59
185.29.132.245
185.64.189.115
185.64.189.229
185.64.190.75
185.64.190.80
185.64.190.81
185.86.137.114
185.94.180.123
188.165.4.142
193.0.160.128
193.138.77.140
193.232.148.143
2.18.232.130
2.18.233.180
2.18.234.21
2.18.234.233
2.21.111.28
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.44
2600:9000:20eb:b200:c:d85b:b300:21
2600:9000:2156:4400:11:a4de:2580:93a1
2600:9000:2156:ac00:6:b871:4f00:93a1
2600:9000:2156:f600:15:6f6c:b180:93a1
2600:9000:21f3:0:13:811c:e440:21
2600:9000:21f3:f600:11:3771:2e40:21
2606:4700:10::6816:1957
2606:4700:10::6816:37ce
2606:4700:10::6816:387e
2606:4700:20::681a:bd1
2606:4700::6812:d05
2606:4700::6812:fa1
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:802::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c08::9d
2a02:2638:1::13
2a02:6b8::1:119
2a02:fa8:8806:16::1400
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:400::485
2a04:4e42:600::300
2a05:d018:ac8:b920:9466:f230:a20d:7fc0
3.12.29.116
3.120.83.159
3.123.90.134
3.129.250.65
3.213.248.174
31.172.81.158
34.199.172.6
34.247.198.95
34.253.111.115
34.254.122.11
34.98.107.212
35.156.165.31
35.158.223.21
35.201.96.126
35.201.96.133
35.244.159.8
35.244.174.68
37.157.3.30
37.252.173.215
37.252.173.27
38.27.122.158
47.252.78.131
51.89.9.252
52.209.141.213
52.28.33.143
52.44.220.233
52.46.154.242
52.57.48.21
52.71.142.200
54.36.109.156
54.90.144.255
66.155.71.149
72.251.249.13
76.223.111.131
77.243.60.138
85.114.159.118
88.212.252.2
0056fc70e9e9ef6b04d00a0efc1fec72609bfbe74c1e26c447562dc735961288
0453226709ae7d3bc65bc7fe005bc6bd69bf17590c3b0396d6bf64a016226b44
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
06ab2c1c3e2f2494ae924555e59993dd56c8abb4a5abf2dc40193986f085ab0b
0a23127d32a72715f9b5b0b80166f174cfc9dbc260e2f74b3ba0409eef0775f6
0a76103406e7e58113441df8f2771a0f85544abb8f4abbf2ada5639b7326b659
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0df33bbf056c61ab7c3c2d0bbfe612a27d73899ff4e9379a65592d3894209531
0e81856bddf17fea14e54812715224c95b0466813a4212f76dea03cb86eaff05
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
10003e6f48a02cfdf3276a92f4dd34975ebcec93f257b37a33a0ae939251a2d0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13ca345cb1bb431435c40d5ed2246aa21f75f555cb2b182744d34a1bc5d6616d
15c441afe891dac008a38a4b2c7a38cfb08b20ba3f54eff52171314d0f806b97
16a0a337aa0948de6ab461a2f2d54e129e5750f2a5dc9a90560f4fcf0978ef9d
181ee422e7d9bc51c286621ef54e25f0768c594e44fb622d83fcd6c6771057ca
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1d3e882427c0e2024329dcdf2db8bf2f25aaf5b0f89f9ec59323dcd2a76dc2db
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32303ccaadd9a7b47bc29334d09dee7bce4f405625148103fae44e831fee6384
35a151bdd06b1ff2746faf02664bf25f5e1a59015a0253d77cbce9f0725be843
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3829084b56b71e2042822542dd4498849ab63dd2306ee402e8ff000d6d091c8a
3931e36b90e13975a9dfb599579200c9f51945c6d8ec10c34e22f1b472e006c8
3c5025aec0774ec6504613b641c28ea07a125675ed934e842b55512705d1953e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7b9152d32734b5c103b914373802fb284954be73b0669814be4999a7d52dc0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fcd00a6cdcdabc4f27199f1f810901f0ae627b7a357e4d00159619227388b9b
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45c5980d46277eb350f2603772ffba4259692167bfde84c2182a2a6d081f797b
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
496eb4a87bf6b117befbf1052e89db57866e2e8a310411611ee1fa28cfbee6d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53772b3cc2cd0066aadb4d6a62462fe9feead36293fb78729a84bef8ed1b9144
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
56db5359eda573e81167aabe658fbc2c7ec3a9678d640f9fd7e356bca080c74d
57018bdfea5f2c7c7e38e3aac19da8880512db7f1f121b21fed1ea41e3021b58
5bba4b0aa8b59105315db5767384353a717d2d7b11ce667bfe579c5f3a0e8f6e
65338ce842a28a0513659a07c0f208bc893a685164fa834d83d42a214451a64b
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68bbd771eecb76f98639a65674facba6df78abad6550a712aff0d30fefe11c71
6a9927d34f4bab2af700510fd27194cfd1603e97a34cbb21678350f4cd93b2b3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
777b5a7942082fbcc8bf04339c0cbb8dfa861c02d2efd413cff931b8d6d0c51b
78a50a8e91ef6cb72f2b97237cd71f199b209cead43db8ce1b1c06d129a0951e
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7b1b6b2b9feb08819c49aa5970e262efcabc881ddb6535ae1cfc27f03e40d79c
7cb4560c15852d4f239dbe2b2fb095b3e1dcd15086b7a4307d42ae1e6c20c139
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d686d177219cc6723399b79208b78f7d3d39403d39ee4ad9bcdb69227613598
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
888568d90e0919bf891083279832a974635909bf86acf91270ec02ccad5323aa
8a9820e7a05173822b9285ee2c2815e16b058bd2c40bc7ca8ba5387f7a6840ae
8d2f1c23a5b4e02e2c94eb9b82ed3fed778178500765076ae8e9dc0e125fcb7d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8c6fdb6ad6f5f45d6d585294e84c2d6248f982c168f5120655e70f37720173
8f332abf668560fb91ed8e3d090a5f4562c73f087a5aa01b7625795a8f12214f
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
98ebc5056d4a6a2df96e2494f95e23b1c8c4f8835b0d981464797e1a1d25517f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a477391460d58218d6158b3d40326e3a77d491439f7a97f2cb9c68fbc59d5882
a4b5fa020544018ad790c68df754874d918d3afd87445af487d5b8e069b7ae9f
a54b6501010a2a11a342b7f1459a10336ce2b96a98c523c015de676203f1e282
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab602371580e173117754efb55e7dbe2e545b34208b36d4fe88c12929c222a05
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae85aa49d4acbc64c9b1b76252d301ce65961fe727c4b6b78e43ab5e16f9c440
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bb7130be997a146f6c1b497f88c741747fbcd102efd919bfb9049828c42de5
b2e49befdf2448b77fbb6122a7168995c325fd7c9f2edf7251f643eb6b388f6f
b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202
b5818cd490a65e90196944d943da9e0778cba66c35eb65fdc90591d3dff41bd7
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b68dfa543c3d1a3035a19bc67f4c3d7b686c7474553c3cd70f35fc634550cfc1
b96436cae2acbe0c0bb91cab4ae9f63ba699afa4b81b8fcba9789caae688b88e
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc62a4792338944e995f53c92fab8a92c657d8e3ce98d8b9dc96c86f9cf540e0
cd3f2a0f1eb95e969b0df1d57c23a7ec825c98288f6798b63449ebb41cb81d6e
cede43a773a43b17bcce6ed2367c3869fe530ea19099336375bae0dec7d3916a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792
d45ba86a06644cb3e41c59e719bf70a455ac24bfb0eddad5a5955c63e6788740
d511af9ecc642252f58fdc72fe1f870e9f25c4389f71dde8ff3b1f665bafc140
d7e29017de0f9ded0d6919e5995b51dfb18cfd91f1100b410124bcf97d39b780
d9d7bfe4c571e203ca7209b5f2b3b77ae353f3d9358af9744c274a884b3f0c1a
dca67c5a0abe9dc76c3e187e2cf023f27edf493bc68d6c64518108e16c891ef3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd9a6f5f079397ea8ea098ab4d56b53a2130d72ecc1e8a582638e0a4a5653cb4
dd9d02dadb5cf247f8cae2585eee2209464d8eeae7d6cf15062d728b8c23aad0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de69013632e3fa8cedea3a81fdeb42add94c60cd24b30f5bde0c289b0f6f549c
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383
e0171ea50b3dff13a6c0317353872cd4ef94a0667da030e5eeb86ff893e5e553
e1beb0870393589f1f1508599939202caee7d904ee7d8b0cd620f2fa4612f3ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b5778c20e28c6fd30311dcb2028a7025cbd8c1dfcab239c384c56788cad59d
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec28c2abdd3c66221d33278c00dcad36a34c0058b4f49b36efee783ce006fcd5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f1333d06c7b7c309055933a296cbcc51db3e0ac6455aa893499b44e90a4f8660
f155465a57aa2c4f24e404151482ddd419ef393fa2ce9894402ad10d5c240fa7
f35eb63af5172e2882f9880d0668b3517869ae1dcf15cec3b5b4ebd506ffb544
faa6940b83430b780923c2b4332706ae7e518ce9e567ac2699c14c778417c317
fc1e645bcaec183f74c84792f412e1914ec917593254f6434d0d19aa3decd2ea
fcce7f405cb29f7e894f85e2243224134721ed82780f5767f2e06e7927c56747
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62