ask.fm Open in urlscan Pro
193.138.77.147 Public Scan

URL:
https://ask.fm/bronzerice218
Submission: On July 22 via manual (July 22nd 2021, 8:55:26 pm UTC) from GB

Summary HTTP 91 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 30 IPs in 9 countries across 36 domains to perform 91 HTTP transactions. The main IP is 193.138.77.147, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 30th 2020. Valid for: a year.

This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	193.138.77.147 193.138.77.147	395754 (ASK-FM) (ASK-FM)
9	2600:9000:218... 2600:9000:2182:800:11:3771:2e40:21	16509 (AMAZON-02) (AMAZON-02)
3 12	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:7c00:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21f... 2600:9000:21f3:3e00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	144.76.120.254 144.76.120.254	24940 (HETZNER-AS) (HETZNER-AS)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
4 8	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1 12	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
4 16	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	18.158.174.89 18.158.174.89	16509 (AMAZON-02) (AMAZON-02)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	54.86.120.215 54.86.120.215	14618 (AMAZON-AES) (AMAZON-AES)
2 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.110.22 67.202.110.22	32748 (STEADFAST) (STEADFAST)
6 6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 4	209.54.178.82 209.54.178.82	16509 (AMAZON-02) (AMAZON-02)
2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 2	34.253.111.115 34.253.111.115	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 1	34.194.148.31 34.194.148.31	14618 (AMAZON-AES) (AMAZON-AES)
1	35.156.19.236 35.156.19.236	16509 (AMAZON-02) (AMAZON-02)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
91	30

4 193.138.77.147 (Latvia)

ASN395754 (ASK-FM, US)

ask.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2182:800:11:3771:2e40:21 (United States)

ASN16509 (AMAZON-02, US)

d3r6ceqp4shltl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7c00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:3e00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 144.76.120.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ap15.adplayer.pro

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.220.243 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:34e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.174.89 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-174-89.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.120.215 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-120-215.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.22 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.178.82 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.111.115 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.226 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.148.31 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-148-31.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.19.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-19-236.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	casalemedia.com 4 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	16 KB
12	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	7 KB
10	yandex.com 2 redirects mc.yandex.com	3 KB
9	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com	25 KB
9	cloudfront.net d3r6ceqp4shltl.cloudfront.net	234 KB
6	doubleclick.net 6 redirects cm.g.doubleclick.net	1 KB
6	stat-rock.com serving.stat-rock.com	96 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	3 KB
4	onetag-sys.com onetag-sys.com	2 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	ask.fm ask.fm	22 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	optad360.io cmp.optad360.io get.optad360.io	225 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	adsrvr.org match.adsrvr.org	529 B
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	5 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	sonobi.com sync.go.sonobi.com	1 KB
2	yahoo.com ups.analytics.yahoo.com Failed	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	connectad.io i.connectad.io Failed cdn.connectad.io sync-eu.connectad.io	935 B
2	facebook.net connect.facebook.net	70 KB
2	yandex.ru 1 redirects mc.yandex.ru	71 KB
1	bidswitch.net x.bidswitch.net	146 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	377 B
1	turn.com 1 redirects ad.turn.com	425 B
1	simpli.fi 1 redirects um.simpli.fi	627 B
1	mathtag.com 1 redirects sync.mathtag.com	638 B
1	33across.com ssc-cms.33across.com
1	advangelists.com 1 redirects nep.advangelists.com	227 B
1	sharethrough.com 1 redirects match.sharethrough.com	240 B
1	a-mo.net prebid.a-mo.net	370 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	facebook.com www.facebook.com	297 B
1	googletagmanager.com www.googletagmanager.com	35 KB
0	adform.net Failed adx.adform.net Failed
91	36

	Domain	Requested by
10	sync.quantumdex.io	get.optad360.io sync.quantumdex.io ssum-sec.casalemedia.com
10	mc.yandex.com	2 redirects ask.fm mc.yandex.ru
9	d3r6ceqp4shltl.cloudfront.net	ask.fm d3r6ceqp4shltl.cloudfront.net
8	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
8	ib.adnxs.com	4 redirects get.optad360.io acdn.adnxs.com
6	cm.g.doubleclick.net	6 redirects
6	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com sync.quantumdex.io ssum-sec.casalemedia.com
6	serving.stat-rock.com	get.optad360.io
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	onetag-sys.com	get.optad360.io sync.quantumdex.io
4	ask.fm	d3r6ceqp4shltl.cloudfront.net serving.stat-rock.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	ap.lijit.com	2 redirects
2	sync.go.sonobi.com	sync.quantumdex.io
2	ups.analytics.yahoo.com	sync.quantumdex.io ssum-sec.casalemedia.com
2	js-sec.indexww.com	get.optad360.io ssum-sec.casalemedia.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	get.optad360.io	d3r6ceqp4shltl.cloudfront.net get.optad360.io
2	connect.facebook.net	d3r6ceqp4shltl.cloudfront.net connect.facebook.net
2	mc.yandex.ru	1 redirects d3r6ceqp4shltl.cloudfront.net
1	image6.pubmatic.com	ads.pubmatic.com
1	x.bidswitch.net	ssum-sec.casalemedia.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	ad.turn.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	ssc-cms.33across.com	sync.quantumdex.io
1	ads.pubmatic.com	sync.quantumdex.io
1	ms.quantumdex.io	1 redirects
1	nep.advangelists.com	1 redirects
1	match.sharethrough.com	1 redirects
1	sync-eu.connectad.io	cdn.connectad.io
1	acdn.adnxs.com	get.optad360.io
1	cdn.connectad.io	get.optad360.io
1	htlb.casalemedia.com	get.optad360.io
1	useast.quantumdex.io	get.optad360.io
1	prebid.a-mo.net	get.optad360.io
1	cdn.jsdelivr.net	get.optad360.io
1	www.facebook.com
1	cmp.optad360.io	d3r6ceqp4shltl.cloudfront.net
1	www.googletagmanager.com	d3r6ceqp4shltl.cloudfront.net
0	adx.adform.net Failed	get.optad360.io
0	i.connectad.io Failed	get.optad360.io
91	46

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
lap78.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com

Subject Issuer	Validity	Valid
*.ask.fm AlphaSSL CA - SHA256 - G2	`2020-07-30` - `2021-09-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
serving.stat-rock.com R3	`2021-06-20` - `2021-09-18`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.a-mo.net R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://ask.fm/bronzerice218
Frame ID: 27ED5866F9298D6591A929FD7037E4B2
Requests: 47 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1626987312136
Frame ID: D72EEBF91C771C961E2F38D610BB0C5D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 008EF0CDE7389DF5498C1687B228A564
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0D04C6F79229969708504208263B3A2B
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 09B94E5824606FAC34BF939649286753
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: F0910A8C8FE06A875806D5E23F38A103
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 779D8D38723D258B82AA11F9C546CD3D
Requests: 10 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 504686CC2B5E10A161D6F1FCB843A03E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: 63A4BF0AE0A51587803B44620D0921AD
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 515092EC6AB3FA185FED65B729514A4C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: EF024E40D8988505D5908D1CBE91804A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 62F881802FD99BC1CB10C07B6C6ACC80
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 57FB65B84E6227DFBFF89B944C66E980
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

91
Requests

96 %
HTTPS

32 %
IPv6

36
Domains

46
Subdomains

30
IPs

9
Countries

811 kB
Transfer

2278 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://about.ask.fm/cookie-policy/?lang=en
Title: Cookies

Search URL Search Domain Scan URL

URL: https://lap78.ask.fm/goto/50aiCfb4fe-ICCd0l3Hz_oAvoAOV--qMvwn5pPy_wy3NJAwxGJdddwyqpEdDHDFuFg_dIK5vpGfjrIYmtAUUiE9NXnt3zD2YOD7rhaLBlic=
Title: https://www.repairmywindowsanddoors.co.uk/haroldwood-windowrepair/

Search URL Search Domain Scan URL

URL: https://about.ask.fm/?lang=en
Title: About ASKfm

Search URL Search Domain Scan URL

URL: https://about.ask.fm/terms/?lang=en
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://safety.ask.fm/?lang=en
Title: Safety center

Search URL Search Domain Scan URL

URL: https://about.ask.fm/privacy-policy/?lang=en
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://about.ask.fm/transparency-report/?lang=en
Title: Transparency report

Search URL Search Domain Scan URL

URL: https://support.ask.fm/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.facebook.com/askfmpage

Search URL Search Domain Scan URL

URL: https://instagram.com/askfm

Search URL Search Domain Scan URL

URL: https://twitter.com/askfm

Search URL Search Domain Scan URL

URL: https://vk.com/askfm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9341.sDMHwWooNacz1mqwC3-rdH-UGRt7ykCCK4Haue5ykmY1JYvUg5sHdUNpOr5ZKvMj.ZeAQJkd7_Qx8HGdzsM_xNxfjofs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9341.bR2XGYJz_mx7azzEZJEY7AOlwQuUITr5M4xMds7hP8xBObVAgC-N52HC8Hp3zdJzC9pJnr5DsLGXGHY9x9rpuA%2C%2C.PO5FoJBXTkCci7JcNXdf7MH7oL8%2C

Request Chain 10

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A386362493424%3Ahid%3A865993170%3Az%3A120%3Ai%3A20210722225508%3Aet%3A1626987308%3Ac%3A1%3Arn%3A275823066%3Au%3A1626987308704079636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626987307499%3Ads%3A1%2C311%2C184%2C1%2C0%2C0%2C%2C76%2C101%2C%2C%2C%2C575%3Adsn%3A1%2C311%2C184%2C1%2C0%2C0%2C%2C77%2C101%2C%2C%2C%2C575%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626987309%3At%3Ajkrad35%20(%40bronzerice218)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm HTTP 302
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A386362493424%3Ahid%3A865993170%3Az%3A120%3Ai%3A20210722225508%3Aet%3A1626987308%3Ac%3A1%3Arn%3A275823066%3Au%3A1626987308704079636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626987307499%3Ads%3A1%2C311%2C184%2C1%2C0%2C0%2C%2C76%2C101%2C%2C%2C%2C575%3Adsn%3A1%2C311%2C184%2C1%2C0%2C0%2C%2C77%2C101%2C%2C%2C%2C575%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626987309%3At%3Ajkrad35%20%28%40bronzerice218%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Request Chain 26

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=pIC0EHxDblFFS2pjUmRKdnpUNUpHa0E1YzRSMFc5ZVRtZnoyYjJUTXlhMk5odFFHRGhRR1FXdVpJUTFyOHdLaWtGQzRJcHRaR2E4dmgzdlo3MGVqQm56WThKc3JFWVZDUkhsUURRZlJCbEp3SkJ5TlNNbVdpbmJOWE1KajVmR1ZuUVMvV0pscmFYNkJGNTZSQmlwWk1CZEVVK1llYWVDMEJlSDNhb3VaSXAyaDg5alJTYk9Db2lreVBtaFk3NTZ6c0paS2pYSzlyYnB6N0RTQTZzQm1MUHYyTzd3PT18&cppv=2

Request Chain 52

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 53

https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 55

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1dc8efce-eb2f-11eb-8664-02af93805372

Request Chain 56

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-5ilDrJ1E2uFRtfxaX5FqpyMjjlpI_NgQvg0yTa8-~A

Request Chain 57

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=edfc03d6-5fb4-4db5-bbfa-0cd3f9b12da3

Request Chain 58

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1571165763366016010

Request Chain 60

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1571165763366016010

Request Chain 61

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-7baedf4c-8885-43db-811a-74a744fff4ff

Request Chain 62

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b3308b8b-9e1f-42a1-917c-671e320d15c4

Request Chain 63

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=806065c5ff236b01dd7e92f4

Request Chain 64

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1571165763366016010

Request Chain 65

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Request Chain 70

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPnbNNNEfU-NJ-A46kt79QAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELeNTBau1uLQKX1ZKUIN4Fw&google_cver=1

Request Chain 71

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB&dcc=t

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBdS3EAI0y-uMGl90wof8kE&google_cver=1

Request Chain 75

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YPnbNNNEfU-NJ-A46kt79QAA%261216?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPnbNNNEfU-NJ-A46kt79QAA%261216?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 76

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=947760f9-db34-4400-8fb3-57b042201d91&gdpr=1&gdpr_consent=

Request Chain 77

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F3796CF9AA41489DBCE7945D1FFFF224&gdpr=1

Request Chain 79

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPnbNPy3EFfYq2JlngeVUwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKDOhGOSZKc7_nBv6xSh3eg&google_cver=1

Request Chain 80

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB&dcc=t

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKw1YZAhYwgAkVwxVrBGn_M&google_cver=1

Request Chain 83

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3621443922846430750

Request Chain 84

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=31419a81-d5ac-4e3c-a1ca-3ea834702f75&expiration=1658523316

Request Chain 86

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6802737161949293787&uid=Q6802737161949293787&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

91 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set bronzerice218 Show response
ask.fm/ 15 KB
6 KB 496ms
183ms Document
text/html 193.138.77.147
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/bronzerice218

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.147 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

13b5784b012400331996d6366f3786dec1fd7ac0ae364a24e53d478bb56003b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: ask.fm
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
ETag: W/"1270530204a45c3c1cc9750f6354fcf4"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Thu, 22 Jul 2021 20:55:07 GMT
Set-Cookie: locale=en; path=/; expires=Sat, 23 Jul 2022 02:55:07 -0000 uuid=5cc1b3dd-efff-4307-9b9a-ab92fdad3e67; path=/; expires=Sat, 23 Jul 2022 02:55:07 -0000; secure; HttpOnly country=BE; path=/; expires=Sat, 23 Jul 2022 02:55:07 -0000 traffic_source=organic; path=/; expires=Sat, 24 Jul 2021 20:55:07 -0000 _m_ask_fm_session=U2Y2dmp2UlNxbnE5UDYyR3dxcDNRWURpWXZPMHpHUmIxVWZqZE5KTU04N29Sc2dtR3NISXczS0RuRjVLMTd0cmtNa29UZmJmREhUcXJkV2MvT1hwMWdxaitodVVKMlhybXEycEdXdm91Z2ZyWEw5M2xyOVFQWjFGYjdnVnRQdHZwM1ZWaDFieTdtRGZ0UWFqQkdTWHJGRHo0Y0NZdUFwTnFrSENnVWpBZGJrMHE4RE5qU09mQ2M3N2lLc2VXaFk2U2NWdmd3dUlkeE9WUU5FNFZZNDhVY1VhRnRhWXhxTVVsNEZnWEhFQUFxczkzSk8xVHZyaUlOa0RkaytHTVlsaS0tRis5OHIwaEZjNFlqSVlHMklNYjdoUT09--d96aaa57d453909256c78bdea3fd721c38447c37; path=/; expires=Sun, 25 Jul 2021 20:55:07 -0000; secure; HttpOnly
Server: Ask.FM Web Service
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000

GET
H2 200 application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css
d3r6ceqp4shltl.cloudfront.net/assets/ 179 KB
39 KB 38ms
10ms Stylesheet
text/css 2600:9000:2182:800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css

Requested by

Host: ask.fm
URL: https://ask.fm/bronzerice218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

b2e5e4e5a81e4a15556e78fd0de89a86ac2208b717cf37fb823560be8c49f14b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:26:39 GMT
content-encoding: gzip
age: 203309
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 38947
access-control-allow-origin: https://ask.fm
last-modified: Mon, 19 Jul 2021 12:08:27 GMT
server: Ask.FM Web Service
etag: "60f56b3b-9823"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: text/css
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: S68hmP-bSjTY3eiYhDBa3-PWYu2SWTGo3O0S5YHUcCIeLUUrJxbcsA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Show response
d3r6ceqp4shltl.cloudfront.net/assets/ 215 KB
68 KB 46ms
18ms Script
application/javascript 2600:9000:2182:800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Requested by

Host: ask.fm
URL: https://ask.fm/bronzerice218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:38:20 GMT
content-encoding: gzip
age: 5037408
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 68515
access-control-allow-origin: https://ask.fm
last-modified: Mon, 24 May 2021 13:24:40 GMT
server: Ask.FM Web Service
etag: "60aba918-10ba3"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 0CI2DFE6CTM33Nugu29T_x2vvarUkXV-n8XAC2zS3vzMpGkn0vs9aA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png
d3r6ceqp4shltl.cloudfront.net/assets/ 24 KB
24 KB 10ms
9ms Image
image/png 2600:9000:2182:800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png

Requested by

Host: ask.fm
URL: https://ask.fm/bronzerice218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:48 GMT
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
age: 12735620
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 24239
last-modified: Wed, 27 Sep 2017 12:11:28 GMT
server: Ask.FM Web Service
etag: "59cb9570-5eaf"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: MHUwpAjhHDVME03oJDD2pwBp2-nWZWHSz1Z1OKY6bFF9C4QjJhvRBA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 223 KB
71 KB 138ms
45ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:08 GMT
content-encoding: br
last-modified: Thu, 22 Jul 2021 11:32:16 GMT
etag: "60f95590-11a70"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72304
expires: Thu, 22 Jul 2021 21:55:08 GMT

GET
H2 200 noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png
d3r6ceqp4shltl.cloudfront.net/assets/ 956 B
1 KB 17ms
16ms Image
image/png 2600:9000:2182:800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:15:13 GMT
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
age: 12735595
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 956
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-3bc"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: x48sEgRigH-No4MnoG0Mzj6MAycuDtqnzZ3wKTO2DQRyGDU3Nz9ycg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 17 KB
18 KB 32ms
12ms Font
application/font-woff2 2600:9000:2182:800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 07:03:25 GMT
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 7307503
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 17880
last-modified: Thu, 29 Apr 2021 05:41:49 GMT
server: Ask.FM Web Service
etag: "608a471d-45d8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: DS__lg_q1sM_fIGyH1lTXVfCOzfQg-ALE0ozxDVPD6lXzSoKKcwyGw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 25 KB
25 KB 34ms
14ms Font
application/font-woff2 2600:9000:2182:800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:43 GMT
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 12735625
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 25400
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-6338"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: eajkr77KroC0RskY-SDbBEJCfGbERdU7uVeuip3_AnWAO5UymJVJ9w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 51 KB
52 KB 40ms
20ms Font
application/font-woff2 2600:9000:2182:800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:43 GMT
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 12735625
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 52204
last-modified: Wed, 02 Aug 2017 08:00:22 GMT
server: Ask.FM Web Service
etag: "59818696-cbec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 5UuMfXGKPg_aCTZ4pXnfqLb8qDozF-c9pNfWh2AYHKUjsthMtMORwA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9341.sDMHwWooNacz1mqwC3-rdH-UGRt7ykCCK4Haue5ykmY1JYvUg5sHdUNpOr5ZKvMj.ZeAQJkd7_Qx8HGdzsM_xNxfjofs%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9341.bR2XGYJz_mx7azzEZJEY7AOlwQuUITr5M4xMds7hP8xBObVAgC-N52HC8Hp3zdJzC9pJnr5DsLGXGHY9x9rpuA%2C%2C.PO5FoJBXTkCci7JcNXdf7MH7oL8%2C

75 B
75 B

45ms
45ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9341.bR2XGYJz_mx7azzEZJEY7AOlwQuUITr5M4xMds7hP8xBObVAgC-N52HC8Hp3zdJzC9pJnr5DsLGXGHY9x9rpuA%2C%2C.PO5FoJBXTkCci7JcNXdf7MH7oL8%2C

Requested by

Host: ask.fm
URL: https://ask.fm/bronzerice218

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:08 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9341.bR2XGYJz_mx7azzEZJEY7AOlwQuUITr5M4xMds7hP8xBObVAgC-N52HC8Hp3zdJzC9pJnr5DsLGXGHY9x9rpuA%2C%2C.PO5FoJBXTkCci7JcNXdf7MH7oL8%2C
date: Thu, 22 Jul 2021 20:55:08 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 45ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ask.fm
URL: https://ask.fm/bronzerice218

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:08 GMT
last-modified: Thu, 22 Jul 2021 11:32:16 GMT
etag: "60f95590-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 21:55:08 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/48953915/
Redirect Chain

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%...

368 B
450 B

49ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A386362493424%3Ahid%3A865993170%3Az%3A120%3Ai%3A20210722225508%3Aet%3A1626987308%3Ac%3A1%3Arn%3A275823066%3Au%3A1626987308704079636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626987307499%3Ads%3A1%2C311%2C184%2C1%2C0%2C0%2C%2C76%2C101%2C%2C%2C%2C575%3Adsn%3A1%2C311%2C184%2C1%2C0%2C0%2C%2C77%2C101%2C%2C%2C%2C575%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626987309%3At%3Ajkrad35%20%28%40bronzerice218%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1f6877d0f1ad0d5ffe65c795daa80bad688016328cafd490bd4da640733b62c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 22-Jul-2021 20:55:08 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 368
x-xss-protection: 1; mode=block
expires: Thu, 22-Jul-2021 20:55:08 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:08 GMT
last-modified: Thu, 22-Jul-2021 20:55:08 GMT
location: /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A698%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A386362493424%3Ahid%3A865993170%3Az%3A120%3Ai%3A20210722225508%3Aet%3A1626987308%3Ac%3A1%3Arn%3A275823066%3Au%3A1626987308704079636%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626987307499%3Ads%3A1%2C311%2C184%2C1%2C0%2C0%2C%2C76%2C101%2C%2C%2C%2C575%3Adsn%3A1%2C311%2C184%2C1%2C0%2C0%2C%2C77%2C101%2C%2C%2C%2C575%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626987309%3At%3Ajkrad35%20%28%40bronzerice218%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 22-Jul-2021 20:55:08 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

363b6736ebd3b60b1e3f8c70446c3957be011c2cfe44de0d714e1d31b737b0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9Y0RuL9j8fo4aZ3HXb9EsQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 5mdrVvGo3r+7B5GZQq3pUlMnz0uhU2n66RIkCvI7uGLKG78N3m9fd7bfrIh42H4Ndx3oFZh2V9EwVPFSgU2ToQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 5ec6292f3acb35fbfbdc86534c7f66d8
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Jul 2021 20:55:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "89b735303e112a4ee7d46191821ebef6"
timing-allow-origin: *
expires: Thu, 22 Jul 2021 21:08:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 89 KB
35 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

427e77413508cb25f89dfff7dfece1a9a3b7be10e9989f68d16ab5741025769d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35798
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 19:26:04 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Jul 2021 20:55:08 GMT

GET
H2 200 3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response
cmp.optad360.io/items/ 2 B
351 B 32ms
7ms Script
application/javascript 2600:9000:21f3:7c00:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7c00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:18:39 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 09:49:58 GMT
server: AmazonS3
age: 2190
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2
x-amz-cf-id: IqGAGnaPM3xD0dR4arlPbKRm_xWkRvI-TR81SaVeF_yIp69neIqSoQ==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 274 KB
72 KB 35ms
7ms Script
application/javascript 2600:9000:21f3:3e00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3e00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f56ad273e0204eb8d21346d7116686e717353c0864546a4e66a72b581e594a75

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:38:18 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 07:03:23 GMT
server: AmazonS3
age: 1011
etag: W/"5736885227fcd00664fbd8eea334a4cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 45qfBys9AHUleXi4SsY0wyxZf5MwqOLyJRxv0uxuwBaZelyfGaXDzg==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 232 KB
67 KB 13ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4bec37cd325db0aa7c778a200c2deb89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd46889dd51e4c1eab5b2b14f26d1e2d7e8646042953ab2227a9197e34ab8835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4cmmRpoOO7PxCJMBNfpMQg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69057
x-fb-rlafr: 0
x-fb-debug: bWDblkEja5o2W94RVpX/I6gTfUC75CnXGQkiWCG6kdqG/f6as7MCS/B9WwL0a53FZfO+XWqwcDiyQYrWPenhOA==
x-fb-content-md5: af591922cdedb40b9c384949439d06ce
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Jul 2021 20:55:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b454f6f3adf5325d719005bf44bd836a"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Jul 2022 20:29:31 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fbronzerice218&rl=&if=false&ts=1626987308700&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Jul 2021 20:55:08 GMT

GET
H2 200 prebid4.39.0.js Show response
get.optad360.io/sf/ 492 KB
153 KB 7ms
6ms Script
application/javascript 2600:9000:21f3:3e00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.39.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3e00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 13:58:24 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 10:44:35 GMT
server: AmazonS3
age: 2185005
etag: W/"e020700f5effdce1f4be56434553da72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: RaJwE0zs1atFxDyJXrF_zAv-1-gTDPK19pXJ9fVX3VLokMMembKDWQ==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 22ms
6ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210722

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eacda4d206ccbd34b8a2148c148c8b89acbf49f792a453a7be87c4302a59da58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 20821
x-jsd-version: 1.0.1046
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 926
etag: W/"69a-xTSF7f5MkkvyxakruAFaiveKCyQ"
x-served-by: cache-fra19165-FRA
x-jsd-version-type: version
date: Thu, 22 Jul 2021 20:55:08 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK Cookie set conversion Show response
ask.fm/signup/ 10 KB
4 KB 130ms
130ms XHR
text/html 193.138.77.147
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/signup/conversion

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.147 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

9b8eacc1994a6d98748d85cb22c561a8d3298946e71b6e97235cc85873030428

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: locale=en; uuid=5cc1b3dd-efff-4307-9b9a-ab92fdad3e67; country=BE; traffic_source=organic; _m_ask_fm_session=U2Y2dmp2UlNxbnE5UDYyR3dxcDNRWURpWXZPMHpHUmIxVWZqZE5KTU04N29Sc2dtR3NISXczS0RuRjVLMTd0cmtNa29UZmJmREhUcXJkV2MvT1hwMWdxaitodVVKMlhybXEycEdXdm91Z2ZyWEw5M2xyOVFQWjFGYjdnVnRQdHZwM1ZWaDFieTdtRGZ0UWFqQkdTWHJGRHo0Y0NZdUFwTnFrSENnVWpBZGJrMHE4RE5qU09mQ2M3N2lLc2VXaFk2U2NWdmd3dUlkeE9WUU5FNFZZNDhVY1VhRnRhWXhxTVVsNEZnWEhFQUFxczkzSk8xVHZyaUlOa0RkaytHTVlsaS0tRis5OHIwaEZjNFlqSVlHMklNYjdoUT09--d96aaa57d453909256c78bdea3fd721c38447c37; _ym_uid=1626987308704079636; _ym_d=1626987308; _ym_isad=2; _ym_visorc=w
Connection: keep-alive
Referer: https://ask.fm/bronzerice218
Accept: */*
Referer: https://ask.fm/bronzerice218
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:55:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"1384eae04d00c44718753c84b23680d8"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Sat, 23 Jul 2022 02:55:10 -0000 tutm=utm_medium%3Dconversion_desktop_default_64; path=/; expires=Sat, 24 Jul 2021 20:55:10 -0000 _m_ask_fm_session=dTY3MDdHVWk2RGZFY0xZeVZYWFAxTVU2ZURyMjVNSVdOYUdPT3QvajBVQ2hMZU5xUXhjOXRPNlNDZEVHU0FpcFgwRVhSN3RLcW1kTGNqV2JVN2ZPejZWNXlXWW8zVm5KYm1tZm9uQ0FSRGlOU1hlRnlSZGRUNitlbmMzcXlLSnJnL2crTWVzejE4VmVxc3lZekhoS0xyaUc4ZjZZbHVYT1pFZ3dzaHpiSVhvc1V6alN0ZG5BWkdoMEZGcXE2MnlBSUwyQnlMMHBZNHF3UTZPcURDcGcrYS9mUnJlUmIzbHEyZ0JvMm44QjZhR3JyUnZiazRmMXJGTE5UMWJXc1RGS1ppMVFDWkgzVXdlWjRvQ3lHUmVtQVE9PS0tTlFZeWIyU2ZlNVNDcDVrRFRWU01oQT09--0d4dc4490771abeb094bf9284495b89d4eac4ca7; path=/; expires=Sun, 25 Jul 2021 20:55:10 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png
d3r6ceqp4shltl.cloudfront.net/assets/ 2 KB
3 KB 10ms
10ms Image
image/png 2600:9000:2182:800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png

Requested by

Host: ask.fm
URL: https://ask.fm/bronzerice218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 17:07:55 GMT
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
age: 7876035
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 2309
last-modified: Wed, 28 Oct 2020 11:38:17 GMT
server: Ask.FM Web Service
etag: "5f995829-905"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: hvC1duBZwd0uiDpG5_We7YUBlpqaMwTxpkuzr98Euaua4y7ilx-knA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png
d3r6ceqp4shltl.cloudfront.net/assets/ 3 KB
4 KB 11ms
11ms Image
image/png 2600:9000:2182:800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png

Requested by

Host: ask.fm
URL: https://ask.fm/bronzerice218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2182:800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:52 GMT
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
age: 12735618
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 3404
last-modified: Wed, 28 Oct 2020 11:38:17 GMT
server: Ask.FM Web Service
etag: "5f995829-d4c"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: NgilVWKFMKPllXNC5MvJKxAttgbcisrHE_X9Sm1vp3go7Wf3SN6NXg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
73 B 168ms
168ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=865993170&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&rn=997223107&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1626987311%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210722225511%3Au%3A1626987308704079636%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626987311

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:11 GMT
last-modified: Thu, 22-Jul-2021 20:55:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 22-Jul-2021 20:55:11 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 131ms
131ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=865993170&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&rn=513387304&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1626987311%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210722225511%3Au%3A1626987308704079636%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626987311

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:11 GMT
last-modified: Thu, 22-Jul-2021 20:55:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 22-Jul-2021 20:55:11 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 47ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1405
date: Thu, 22 Jul 2021 20:55:11 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 optad360.js Show response
serving.stat-rock.com/player/ 304 KB
95 KB 1106ms
27ms Script
application/javascript 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/optad360.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap15.adplayer.pro
Software: nginx /
Resource Hash: 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:12 GMT
content-encoding: gzip
last-modified: Fri, 18 Jun 2021 08:28:33 GMT
server: nginx
etag: W/"60cc5931-4beb9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1
https://mug.criteo.com/sid?cpp=pIC0EHxDblFFS2pjUmRKdnpUNUpHa0E1YzRSMFc5ZVRtZnoyYjJUTXlhMk5odFFHRGhRR1FXdVpJUTFyOHdLaWtGQzRJcHRaR2E4dmgzdlo3MGVqQm56WThKc3JFWVZDUkhsUURRZlJCbEp3SkJ5TlNNbVdpbmJOWE1Kaj...

323 B
586 B

1081ms
18ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pIC0EHxDblFFS2pjUmRKdnpUNUpHa0E1YzRSMFc5ZVRtZnoyYjJUTXlhMk5odFFHRGhRR1FXdVpJUTFyOHdLaWtGQzRJcHRaR2E4dmgzdlo3MGVqQm56WThKc3JFWVZDUkhsUURRZlJCbEp3SkJ5TlNNbVdpbmJOWE1KajVmR1ZuUVMvV0pscmFYNkJGNTZSQmlwWk1CZEVVK1llYWVDMEJlSDNhb3VaSXAyaDg5alJTYk9Db2lreVBtaFk3NTZ6c0paS2pYSzlyYnB6N0RTQTZzQm1MUHYyTzd3PT18&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b37da94e820020dd476f543c6ca6ca1371f0aabbb689b1d54ab3ffbeca983e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 22 Jul 2021 20:55:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1762
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 22 Jul 2021 20:55:11 GMT
location: https://mug.criteo.com/sid?cpp=pIC0EHxDblFFS2pjUmRKdnpUNUpHa0E1YzRSMFc5ZVRtZnoyYjJUTXlhMk5odFFHRGhRR1FXdVpJUTFyOHdLaWtGQzRJcHRaR2E4dmgzdlo3MGVqQm56WThKc3JFWVZDUkhsUURRZlJCbEp3SkJ5TlNNbVdpbmJOWE1KajVmR1ZuUVMvV0pscmFYNkJGNTZSQmlwWk1CZEVVK1llYWVDMEJlSDNhb3VaSXAyaDg5alJTYk9Db2lreVBtaFk3NTZ6c0paS2pYSzlyYnB6N0RTQTZzQm1MUHYyTzd3PT18&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1879
content-length: 455
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 280ms
24ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ask.fm
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 109ms
71ms XHR
application/json 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e1daf7d7f29da20b539398df38974dd36a058562bafb67e36140136457882f9c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:11 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 06001fb4-f0b8-4f02-990b-f8f2eaa67de9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST v2
i.connectad.io/api/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
370 B 375ms
194ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 22 Jul 2021 20:55:11 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 0
vary: origin, Accept-Encoding

POST
H2 200 apacdex Show response
useast.quantumdex.io/auction/ 2 KB
2 KB 193ms
178ms XHR
application/json 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad8280c57cb3e86d52ac7095bdc7f122934a69bdcee896aebc631a1357d63729

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Jul 2021 20:55:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://ask.fm
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h36f7mUHVGQpKgsGk54GvE1bItjpIotFuCkOX8DOJfjxsZWkYp5ENnXN6KlWeovrAWjzlU4H0BewtxvPS2RNx36YZ6Wi30EFz98yj3Bpaknk6JVagq408vKAg9H%2Bbmzsmw96Gfw9B1Hh%2ByA1YBtVvkHT"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 672f918b3e871e47-FRA

GET /
adx.adform.net/adx/ 0
0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
366 B 79ms
34ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221608f27f42354f5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fbronzerice218%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22171506fb189f355%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22171506fb189f355%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22171506fb189f355%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 77f5f4f0d14fc1e823c6fb46cc1d919e5d539d4a82a57d0c3bb7ad760aeb6c2d

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:11 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[BE], RC:[], CN:[EU], CIP:[77.243.191.244], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ask.fm
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 28
expires: Thu, 22 Jul 2021 20:55:11 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 262 B
1 KB 81ms
46ms XHR
application/json 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

17e87a4d25891274552f90a3b948de70766bb49b3d098d7917cf972a41529094

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:11 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6f5e4fda-d8df-412d-8c9f-4a04eba04a2c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 1073ms
18ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 900
date: Thu, 22 Jul 2021 20:55:12 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Cookie set bronzerice218 Show response
ask.fm/ 15 KB
6 KB 184ms
184ms XHR
text/html 193.138.77.147
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/bronzerice218

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.147 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

4546ec7c37f17fb2db2c8e990b930d262fa56772b5864c21948f79734b69d71b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://ask.fm/bronzerice218
Connection: keep-alive
Referer: https://ask.fm/bronzerice218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:55:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"e9ec8a853867e8228adfd870e3394994"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Sat, 23 Jul 2022 02:55:13 -0000 uuid=51a397f2-0446-4c21-80ff-de3ce8ac2bbf; path=/; expires=Sat, 23 Jul 2022 02:55:13 -0000; secure; HttpOnly country=BE; path=/; expires=Sat, 23 Jul 2022 02:55:13 -0000 traffic_source=internal; path=/; expires=Sat, 24 Jul 2021 20:55:13 -0000 _m_ask_fm_session=bmVTZHNKekRNVExOZVV5WUVYTUNOMEVRVys0Qit2NEhhdmVWMDJTd29WT0pxSGNJZy90dWxlS3MrZFhmYnUvb1hha0J0R3lHajJBanRUSW1qdHZzNllJK2VubHVvT0dyYkcwOEZPRHJwUmgyU0g1aHNVWTR3R3VTVFpOQjc4RkgzR1YvQnV6YWtMMHgyM0ZYSHdLbTB1TnZmaHl4cThqeG50T2ZYWU9CYjYxNnpLOHE4d010UjdVdTZrZEpTWmUwRUdpS0xwaUl4ZEdwQnFGblVCVXFkNkZPZi93QmxTVHlodktWUEdIc2p5SUFxOTRhWEZ1dnpDeW5GTzd1REM5cy0tQWVPVk1zazdTeEtuK0hyRHNPa2xQQT09--f032e289a766f5da66450bbff9e6424e663a2d34; path=/; expires=Sun, 25 Jul 2021 20:55:13 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
163 B 85ms
26ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1626987313065.2053&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbronzerice218&t=85&v=91&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.8654930825275693
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap15.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 22 Jul 2021 20:55:13 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 85ms
27ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1626987313065.2053&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbronzerice218&t=92&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.47828374738216906
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap15.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 22 Jul 2021 20:55:13 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 134ms
45ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=865993170&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&rn=530753482&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1626987313%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210722225513%3Au%3A1626987308704079636%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626987313

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:13 GMT
last-modified: Thu, 22-Jul-2021 20:55:13 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 22-Jul-2021 20:55:13 GMT

GET
H/1.1 200
OK Cookie set bronzerice218 Show response
ask.fm/ 15 KB
6 KB 160ms
160ms XHR
text/html 193.138.77.147
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/bronzerice218

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.147 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

cb3ab7fab8dbec43ed78ceb1e360cc8dbf8f949d691f7734d664b8ac7f9076ca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://ask.fm/bronzerice218
Cookie: locale=en; uuid=51a397f2-0446-4c21-80ff-de3ce8ac2bbf; country=BE; traffic_source=internal; _m_ask_fm_session=bmVTZHNKekRNVExOZVV5WUVYTUNOMEVRVys0Qit2NEhhdmVWMDJTd29WT0pxSGNJZy90dWxlS3MrZFhmYnUvb1hha0J0R3lHajJBanRUSW1qdHZzNllJK2VubHVvT0dyYkcwOEZPRHJwUmgyU0g1aHNVWTR3R3VTVFpOQjc4RkgzR1YvQnV6YWtMMHgyM0ZYSHdLbTB1TnZmaHl4cThqeG50T2ZYWU9CYjYxNnpLOHE4d010UjdVdTZrZEpTWmUwRUdpS0xwaUl4ZEdwQnFGblVCVXFkNkZPZi93QmxTVHlodktWUEdIc2p5SUFxOTRhWEZ1dnpDeW5GTzd1REM5cy0tQWVPVk1zazdTeEtuK0hyRHNPa2xQQT09--f032e289a766f5da66450bbff9e6424e663a2d34
Connection: keep-alive
Referer: https://ask.fm/bronzerice218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:55:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"666e26904e064532a6ec3b8457618d76"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Sat, 23 Jul 2022 02:55:13 -0000 _m_ask_fm_session=ajhCS0hpRjJCclpWMk9yMXJ6L2RzSlVFeXpablpsekF0RU1DYms5eTdyaHF0Y2lDcVZhY044WWo5ZXZRbUlkemY3bFZadU5Fdk9Ka1BTMjhLa2djRVN6YjBreFc2b0Fray8xTXdBTGM0aUg3aklrUUJCSnZiaERKc2RVMG5zSHJyWngxSjcxTkpDNEU0amVWbHJzd0Vra1ZMbEhEUVUwMzhhMnV1WDVNVWI1eVA0L2ZoLzFPN2F6RHJManRKTy9OQVVIUlRpZG1tWE5JYlpqakV1ZGJkQXZBc0Vyd2ZlT1RJQ1FWMGZkNkpFQ1FpSCtNYTlMSTdCM1RselJqZjJsSS0tWkVqVUhpeWQ3UGsxcDh1Z3E4V1pLZz09--078a8ebcc538c00e7dfe3264a871aed9064aa47f; path=/; expires=Sun, 25 Jul 2021 20:55:13 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 27ms
26ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1626987313065.2053&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbronzerice218&t=279&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.12947263274311438
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap15.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 22 Jul 2021 20:55:13 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 27ms
27ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1626987313065.2053&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbronzerice218&t=443&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.8303869124506376
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap15.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 22 Jul 2021 20:55:13 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 27ms
27ms Image
image/gif 144.76.120.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1626987313065.2053&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbronzerice218&t=443&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.09720241153827636
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap15.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 22 Jul 2021 20:55:13 GMT
srvf: 144.76.120.254
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 45ms
45ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=865993170&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&rn=338827983&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1626987315%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210722225515%3Au%3A1626987308704079636%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626987315

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:15 GMT
last-modified: Thu, 22-Jul-2021 20:55:15 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 22-Jul-2021 20:55:15 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D72E 2 KB
823 B 35ms
35ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1626987312136

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1626987312136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 008E 1 KB
935 B 101ms
83ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

date: Thu, 22 Jul 2021 20:55:15 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 672f91a43980dfb7-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0D04 52 KB
17 KB 78ms
23ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Jul 2021 04:42:55 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 22 Jul 2021 20:55:15 GMT
Age: 58338
X-Served-By: cache-lga13623-LGA, cache-fra19166-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 407494
X-Timer: S1626987316.920583,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 09B9 2 KB
1 KB 89ms
28ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Thu, 22 Jul 2021 20:55:15 GMT
Connection: keep-alive

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame F091 3 KB
1 KB 136ms
135ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1e0730e6a4fcbd9ffc18cad47fcd51a5332146240720c6282864ffb6b4a134f

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/apacdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

date: Thu, 22 Jul 2021 20:55:15 GMT
content-type: text/html
set-cookie: uid=5e134a52-9be0-4ce7-9193-185d2d66c414; expires=Wed, 11 Aug 2021 20:55:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqtzXztFWLmlLQB3O%2FLvoHu4Qk8TrS18CqbforFhUO63NnWSfYhBSVzDP5nlfZFWb4EvEAQCjWPWB0rAtqoMnhIyLIka0tiAEvpoxj1KjkDhTynqeJkNLoCzZLTDd0k%2FIwRtl3dpenCFnj2e0%2Fpcpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 672f91a429c01e47-FRA
content-encoding: br

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 33ms
33ms Image
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 0D04
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

18ms
18ms

Script
text/html

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:15 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 30de185c-3c30-4fdb-bba7-05f371f8ab39
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:15 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d041a729-89e6-4e8e-9df3-4b40a2f67e43
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 779D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

40ms
39ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1b9ada418bbd680bec2614600512ed74b1366705ee16a2a6fe3e477838df0b73

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YPnbNNNEfU-NJ-A46kt79QAA; CMPS=1219
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|39|230|206|221|3|90
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1930
Expires: Thu, 22 Jul 2021 20:55:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Connection: keep-alive
Set-Cookie: CMID=YPnbNNNEfU-NJ-A46kt79QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Jul 2022 20:55:16 GMT CMPS=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Oct 2021 20:55:16 GMT CMPRO=1216;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Oct 2021 20:55:16 GMT CMST=YPnbNGD52zQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:55:16 GMT CMRUM3=dd60f9db342760&ce60f9db3405a0&2760f9db340b40&2d60f9db3405a0&f160f9db3405a0&5a60f9db3405a0&e660f9db342760&0360f9db3405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Jul 2022 20:55:16 GMT

Redirect headers

Server: Apache
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 22 Jul 2021 20:55:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Connection: keep-alive
Set-Cookie: CMID=YPnbNNNEfU-NJ-A46kt79QAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Jul 2022 20:55:16 GMT CMPS=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Oct 2021 20:55:16 GMT

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 5046 0
0 22ms
20ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: sync-eu.connectad.io
:scheme: https
:path: /syncer/1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cadsync
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.connectad.io/

Response headers

date: Thu, 22 Jul 2021 20:55:15 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 672f91a4dae2dfb7-FRA

GET

sync
ups.analytics.yahoo.com/ups/58425/ Frame F091
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1dc8efce-eb2f-11eb-8664-02af93805372

0
0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F091
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-5ilDrJ1E2uFRtfxaX5FqpyMjjlpI_NgQvg0yTa8-~A

43 B
361 B

128ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-5ilDrJ1E2uFRtfxaX5FqpyMjjlpI_NgQvg0yTa8-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:17 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hM2OuwIkf2ENNUDIf681sue%2Fo803s9rkocK9kPIgGn36ZEP8lWVTJIio753WTHFnj5ZOlGaLA%2B1hyeZDj6De%2FfdIhANxVFjvF4%2B76BSOyQqjYV33xWEvtlIng1qUfWTnI4LhtmZhhVX75JGeX7h0CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 672f91afffbc1e47-FRA
content-length: 43

Redirect headers

Date: Thu, 22 Jul 2021 20:55:17 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-5ilDrJ1E2uFRtfxaX5FqpyMjjlpI_NgQvg0yTa8-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F091
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=edfc03d6-5fb4-4db5-bbfa-0cd3f9b12da3

43 B
329 B

244ms
243ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=edfc03d6-5fb4-4db5-bbfa-0cd3f9b12da3
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iey%2BRFJHnxP1cTteOFcR7UZ4aTvWRIAfrrK%2FeG9DYGUxikRUb6B5ag04wzfOR%2FpdWgVHMJK%2FN6kdwX6vX4XHSYW3V6HKxxGJoPVshydeJqRUr2SF8%2FkrjLjoZmmlaBhBvuGDoj3ATNEj02tV2bgjJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 672f91a57cb11e47-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=edfc03d6-5fb4-4db5-bbfa-0cd3f9b12da3
date: Thu, 22 Jul 2021 20:55:16 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F091
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1571165763366016010

43 B
358 B

126ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1571165763366016010
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EWS5hRPPTGBN6Aq6d4spcmaDp6qOTmU7SFOOs9aorPwr1RN0HzFf25Ddzv86F6xZUaLuWz36rim1p%2BCnxpspTanEzTpuCwu0AoBpObYeWrZKNNhFCBbMipLV7aH4tXX%2BlFDDykZWF9ycJCdLInJFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 672f91a53c3f1e47-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 182e637f-122e-4bfe-8100-59c4b4350667
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=1571165763366016010
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame F091 0
478 B 80ms
19ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame F091
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1571165763366016010

43 B
328 B

138ms
138ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1571165763366016010
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnAeyHms%2FWZqWS5h%2Bd7hb8fainUznk1uQhQ9%2BdB%2BurXhbENfNxVgkbREZeIsABP0kH8uvPIN1omH2GYudXitQhWTETnVSo94OqVY5tGBQbnOBYk6ZW%2BwoxNQ8Lle3qANgek3NTUaXNKDwmH1tk47Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 672f91a54c501e47-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d3a9ff60-55fa-4a30-b454-71e1f7e4d48b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=1571165763366016010
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame F091
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-7baedf4c-8885-43db-811a-74a744fff4ff

43 B
324 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-7baedf4c-8885-43db-811a-74a744fff4ff
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6n5YqMLw8swYewf9eywYd87P73z3WTcA1XbnvyTAogXZ2TLbhAGjmjPyWDalQ%2BPHTUSLVJJ0t1FCWVGM%2BatcFFoxm0RMRStY1jTmIwuj2sUAqIjaYjqSxY8YVh0dmvfkol4egideqC0DSfpxzKqOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 672f91a70f1a1e47-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-7baedf4c-8885-43db-811a-74a744fff4ff
date: Thu, 22 Jul 2021 20:55:16 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F091
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b3308b8b-9e1f-42a1-917c-671e320d15c4

43 B
322 B

145ms
144ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b3308b8b-9e1f-42a1-917c-671e320d15c4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0AkprzxoomN68Zq5iZ04P2Jujkcn7fsai%2FKzloH55VywmLuySSO92JnZDd7HQvVWokv5yPavsO6S%2B5O3D3598mxXQWx2ZCA2P4PROzlghDGsCAKmsuOl1lwpnh0EcWIo9hHKm9gQWFnysKfFu7dbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 672f91a91b5b1e47-FRA
content-length: 43

Redirect headers

date: Thu, 22 Jul 2021 20:55:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAn9WDvzH2w1WXAwbg8r%2FyukmihvFAIosM%2BqIbz5SNULeGUmfztaRrJPyPLYbfYS2taOndCGXiIn%2FLP4WPEAIOTzvSxmebXk3TkkFeNgKIGfX%2FR20g162g7TV%2FH9SYBLbCFgHxeIYZNGKj%2Bklkc%3D"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b3308b8b-9e1f-42a1-917c-671e320d15c4
cf-ray: 672f91a50bde1e47-FRA
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F091
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=806065c5ff236b01dd7e92f4

43 B
328 B

130ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=806065c5ff236b01dd7e92f4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsfEUh2pH44tNeZAlENrycqXBGzporcEqaO0kBuTnGHmgYlZ08tzyA7aDdJBKNmn%2FPMvl4JnAiQcBurqEcA%2FjKgycOBk4a8g1z3y9RVoXVG1BIAAyQewtxbHqKD7%2FRmjnDNPw%2FN%2BXezBnKCuZJaXjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 672f91a6eef71e47-FRA
content-length: 43

Redirect headers

Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=806065c5ff236b01dd7e92f4
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F091
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1571165763366016010

43 B
322 B

132ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1571165763366016010
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytLioyq1wVgn04edczb5iqf0ZMGej5cfeySjY86oNhY6rPDFoVWRMW3Pn2Wh6V%2FpfjwC6WrylEP%2BhPiyrk2gg4yFGBneApvAuWio1AaN4hexAo40Yqu8HSedTECCMRQHPnSqDWD61P97mLH1sCRLug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 672f91a56c971e47-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: de77a0e8-3cc1-4537-aa0b-f37ba82171b4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=1571165763366016010
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 63A4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

2 KB
3 KB

38ms
38ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2f8d685b38af9365d4bf5bbd79cd3a5a108a34f4a53bc06823600de26c3dbc5d

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1219; CMID=YPnbNPy3EFfYq2JlngeVUwAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|39|230|4|8|51|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1679
Expires: Thu, 22 Jul 2021 20:55:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Connection: keep-alive
Set-Cookie: CMID=YPnbNPy3EFfYq2JlngeVUwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Jul 2022 20:55:16 GMT CMPS=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Oct 2021 20:55:16 GMT CMPRO=1148;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Oct 2021 20:55:16 GMT CMRUM3=f160f9db3405a0&2d60f9db3405a0&0860f9db3405a00&2760f9db340b40&3360f9db3405a0&1f60f9db3405a00&0460f9db3405a0&e660f9db342760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Jul 2022 20:55:16 GMT CMST=YPnbNGD52zQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:55:16 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 22 Jul 2021 20:55:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Connection: keep-alive
Set-Cookie: CMID=YPnbNPy3EFfYq2JlngeVUwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 22 Jul 2022 20:55:16 GMT CMPS=1219;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 20 Oct 2021 20:55:16 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 5150 43 B
551 B 74ms
18ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Thu, 22 Jul 2021 20:55:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YPnbN; path=/; domain=.go.sonobi.com

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame EF02 2 KB
823 B 23ms
22ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 62F8 14 KB
5 KB 175ms
115ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=51678
expires: Fri, 23 Jul 2021 11:16:34 GMT
date: Thu, 22 Jul 2021 20:55:16 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 57FB 0
0 331ms
109ms Document
text/plain 67.202.110.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-110.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy=&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

x-33x-status: 2000208
server: 33XP002
date: Thu, 22 Jul 2021 20:55:15 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 779D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPnbNNNEfU-NJ-A46kt79QAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELeNTBau1uLQKX1ZKUIN4Fw&google_cver=1

43 B
1 KB

34ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELeNTBau1uLQKX1ZKUIN4Fw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Jul 2021 20:55:16 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELeNTBau1uLQKX1ZKUIN4Fw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 779D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB&dcc=t

43 B
645 B

109ms
108ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JRAYH90WN9BC7H6D3V3X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V224DEB0KVSBD1EW40A3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 779D 70 B
265 B 118ms
38ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YPnbNNNEfU-NJ-A46kt79QAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 779D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBdS3EAI0y-uMGl90wof8kE&google_cver=1

43 B
315 B

33ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBdS3EAI0y-uMGl90wof8kE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 22 Jul 2021 20:55:16 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBdS3EAI0y-uMGl90wof8kE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sync
ups.analytics.yahoo.com/ups/55940/ Frame 779D 0
0

GET
H2

200

tpid=YPnbNNNEfU-NJ-A46kt79QAA%261216
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 779D
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YPnbNNNEfU-NJ-A46kt79QAA%261216?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPnbNNNEfU-NJ-A46kt79QAA%261216?gdpr_consent=&us_privacy=&gdpr=1

49 B
736 B

54ms
54ms

Image
image/gif

34.253.111.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPnbNNNEfU-NJ-A46kt79QAA%261216?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:16 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.8.182
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:16 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YPnbNNNEfU-NJ-A46kt79QAA%261216?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.24.96
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 779D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=947760f9-db34-4400-8fb3-57b042201d91&gdpr=1&gdpr_consent=

43 B
1 KB

71ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=947760f9-db34-4400-8fb3-57b042201d91&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Jul 2021 20:55:16 GMT

Redirect headers

Date: Thu, 22 Jul 2021 20:57:37 GMT
Server: MT3 3810 5cb7d7e master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=947760f9-db34-4400-8fb3-57b042201d91&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 22 Jul 2021 20:57:36 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 779D
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F3796CF9AA41489DBCE7945D1FFFF224&gdpr=1

43 B
1021 B

74ms
37ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F3796CF9AA41489DBCE7945D1FFFF224&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Jul 2021 20:55:16 GMT

Redirect headers

date: Thu, 22 Jul 2021 20:55:16 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F3796CF9AA41489DBCE7945D1FFFF224&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 21 Jul 2021 20:55:16 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 779D 43 B
425 B 29ms
28ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YPnbNNNEfU-NJ-A46kt79QAA%261216
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:55:16 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1398
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Jul 2021 21:18:34 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 63A4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YPnbNPy3EFfYq2JlngeVUwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKDOhGOSZKc7_nBv6xSh3eg&google_cver=1

43 B
1 KB

36ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKDOhGOSZKc7_nBv6xSh3eg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Jul 2021 20:55:16 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKDOhGOSZKc7_nBv6xSh3eg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 63A4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB&dcc=t

43 B
645 B

106ms
105ms

Image
image/gif

209.54.178.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JXKPA79W8RJGMQ6Q4SPK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0E8R117QWRQE5TCYXG1Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 63A4 70 B
264 B 91ms
38ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YPnbNPy3EFfYq2JlngeVUwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 63A4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKw1YZAhYwgAkVwxVrBGn_M&google_cver=1

43 B
315 B

32ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKw1YZAhYwgAkVwxVrBGn_M&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 22 Jul 2021 20:55:16 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKw1YZAhYwgAkVwxVrBGn_M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 63A4
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3621443922846430750

43 B
993 B

82ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3621443922846430750
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Jul 2021 20:55:16 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3621443922846430750
pragma: no-cache
date: Thu, 22 Jul 2021 20:55:15 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 63A4
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=31419a81-d5ac-4e3c-a1ca-3ea834702f75&expiration=1658523316

43 B
1 KB

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=31419a81-d5ac-4e3c-a1ca-3ea834702f75&expiration=1658523316
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Jul 2021 20:55:16 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=31419a81-d5ac-4e3c-a1ca-3ea834702f75&expiration=1658523316
date: Thu, 22 Jul 2021 20:55:16 GMT
server: Kestrel
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 63A4 43 B
146 B 79ms
23ms Image
image/gif 35.156.19.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.19.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-19-236.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 63A4
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6802737161949293787&uid=Q6802737161949293787&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

28ms
28ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 22 Jul 2021 20:55:16 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame 63A4 43 B
324 B 131ms
130ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YPnbNPy3EFfYq2JlngeVUwAABHwAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:16 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0qTIlCtbUXXn6VwGbzn0JHau1qRWuSt3G%2BDx9qksNIcYQwwYPX6GPv76whENtLidOo%2BHQox7NjaUzE4leExzQbdF1htcm59AsqCGLCNeeDxbcn05bZ7ij028IFCJoR66fmpVLm6FnidAu7Qa%2BznXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 672f91a5dd7a1e47-FRA
content-length: 43

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 62F8 0
42 B 1073ms
18ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86518055&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:55:15 GMT
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0D04 0
733 B 18ms
17ms Script
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:55:16 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b39bd7ec-eb87-4bf0-befb-fc9520266f2f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
176 B 45ms
45ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=4&wv-hit=865993170&page-url=https%3A%2F%2Fask.fm%2Fbronzerice218&rn=706565525&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1626987317%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210722225517%3Au%3A1626987308704079636%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626987317

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:55:17 GMT
last-modified: Thu, 22-Jul-2021 20:55:17 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 22-Jul-2021 20:55:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.connectad.io
URL: https://i.connectad.io/api/v2

Domain: adx.adform.net
URL: https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTgxNGQ1Y2M3LTVlMGMtNGNmZC1iN2JkLTRkOWJjN2VkZGE4OCZyY3VyPVBMTg%3D%3D&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPWViMTA2NmM2LWI0NmUtNGNiNS04ZDY2LWY4NDcyMTQ5OTdkMiZyY3VyPVBMTg%3D%3D&pt=gross&stid=9f559a85-c4c8-4c8e-96c2-d66dc6604c26&gdpr=0&gdpr_consent=undefined&fd=1

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP1dc8efce-eb2f-11eb-8664-02af93805372

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YPnbNNNEfU_NJ_A46kt79QAABMAAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ask.fm/	1970-01-19 19:57:39	Name: _ym_isad Value: 2
.ask.fm/	1970-01-20 04:42:03	Name: _ym_d Value: 1626987308
.ask.fm/	1970-01-20 04:42:03	Name: _ym_uid Value: 1626987308704079636
ask.fm/	1970-01-19 20:00:46	Name: _m_ask_fm_session Value: U2Y2dmp2UlNxbnE5UDYyR3dxcDNRWURpWXZPMHpHUmIxVWZqZE5KTU04N29Sc2dtR3NISXczS0RuRjVLMTd0cmtNa29UZmJmREhUcXJkV2MvT1hwMWdxaitodVVKMlhybXEycEdXdm91Z2ZyWEw5M2xyOVFQWjFGYjdnVnRQdHZwM1ZWaDFieTdtRGZ0UWFqQkdTWHJGRHo0Y0NZdUFwTnFrSENnVWpBZGJrMHE4RE5qU09mQ2M3N2lLc2VXaFk2U2NWdmd3dUlkeE9WUU5FNFZZNDhVY1VhRnRhWXhxTVVsNEZnWEhFQUFxczkzSk8xVHZyaUlOa0RkaytHTVlsaS0tRis5OHIwaEZjNFlqSVlHMklNYjdoUT09--d96aaa57d453909256c78bdea3fd721c38447c37
ask.fm/	1970-01-20 04:42:24	Name: country Value: BE
ask.fm/	1970-01-20 04:42:24	Name: uuid Value: 5cc1b3dd-efff-4307-9b9a-ab92fdad3e67
ask.fm/	1970-01-19 19:59:20	Name: traffic_source Value: organic
ask.fm/	1970-01-20 04:42:24	Name: locale Value: en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adx.adform.net
ap.lijit.com
ask.fm
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
cdn.connectad.io
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.optad360.io
connect.facebook.net
d3r6ceqp4shltl.cloudfront.net
dsum-sec.casalemedia.com
get.optad360.io
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
ms.quantumdex.io
mug.criteo.com
nep.advangelists.com
onetag-sys.com
prebid.a-mo.net
px.owneriq.net
s.amazon-adsystem.com
serving.stat-rock.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
sync-eu.connectad.io
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
www.facebook.com
www.googletagmanager.com
x.bidswitch.net
adx.adform.net
i.connectad.io
ups.analytics.yahoo.com
104.111.242.53
13.248.242.197
144.76.120.254
147.75.38.124
151.101.13.108
159.253.128.183
172.217.16.130
178.162.133.149
178.250.2.146
18.158.174.89
184.31.84.150
185.29.135.226
185.33.220.243
185.64.189.115
193.138.77.147
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
209.54.178.82
2600:9000:2182:800:11:3771:2e40:21
2600:9000:21f3:3e00:11:a4de:2580:93a1
2600:9000:21f3:7c00:6:b871:4f00:93a1
2606:4700:10::6816:37ce
2606:4700:20::681a:34e
2a00:1450:4001:82b::2008
2a02:2638::1c
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
3.126.56.137
34.194.148.31
34.253.111.115
35.156.19.236
51.89.9.253
54.86.120.215
67.202.110.22
72.251.249.9
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13b5784b012400331996d6366f3786dec1fd7ac0ae364a24e53d478bb56003b4
17e87a4d25891274552f90a3b948de70766bb49b3d098d7917cf972a41529094
1b9ada418bbd680bec2614600512ed74b1366705ee16a2a6fe3e477838df0b73
1f6877d0f1ad0d5ffe65c795daa80bad688016328cafd490bd4da640733b62c5
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f8d685b38af9365d4bf5bbd79cd3a5a108a34f4a53bc06823600de26c3dbc5d
363b6736ebd3b60b1e3f8c70446c3957be011c2cfe44de0d714e1d31b737b0e6
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
427e77413508cb25f89dfff7dfece1a9a3b7be10e9989f68d16ab5741025769d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4546ec7c37f17fb2db2c8e990b930d262fa56772b5864c21948f79734b69d71b
467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
77f5f4f0d14fc1e823c6fb46cc1d919e5d539d4a82a57d0c3bb7ad760aeb6c2d
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
9b8eacc1994a6d98748d85cb22c561a8d3298946e71b6e97235cc85873030428
a1e0730e6a4fcbd9ffc18cad47fcd51a5332146240720c6282864ffb6b4a134f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad8280c57cb3e86d52ac7095bdc7f122934a69bdcee896aebc631a1357d63729
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e5e4e5a81e4a15556e78fd0de89a86ac2208b717cf37fb823560be8c49f14b
b37da94e820020dd476f543c6ca6ca1371f0aabbb689b1d54ab3ffbeca983e22
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399
cb3ab7fab8dbec43ed78ceb1e360cc8dbf8f949d691f7734d664b8ac7f9076ca
e1daf7d7f29da20b539398df38974dd36a058562bafb67e36140136457882f9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa
eacda4d206ccbd34b8a2148c148c8b89acbf49f792a453a7be87c4302a59da58
f56ad273e0204eb8d21346d7116686e717353c0864546a4e66a72b581e594a75
fd46889dd51e4c1eab5b2b14f26d1e2d7e8646042953ab2227a9197e34ab8835

ask.fm Open in urlscan Pro 193.138.77.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

91 Requests

96 %HTTPS

32 %IPv6

36 Domains

46 Subdomains

30 IPs

9 Countries

811 kBTransfer

2278 kBSize

8 Cookies

12 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

ask.fm Open in urlscan Pro
193.138.77.147 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

96 %
HTTPS

32 %
IPv6

36
Domains

46
Subdomains

30
IPs

9
Countries

811 kB
Transfer

2278 kB
Size

8
Cookies

91 HTTP transactions
1 data transactions