ask.fm Open in urlscan Pro
193.138.77.142  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9374.nziMiBSdzylLfA5SfVHfGnUVSnmy8hNvzWXAwZpfcy9OIbVyF4mV9_r13JaMF7RQ.dFr7BjjmTzUgC-EfoauVYASoFQA%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9374.ydJwrquswHiqSxumAY_Sov_PO8xaS4eILk-vaIkyhkTlLHKnAdmnuY6r1TEwwhuBxU8cQFl3BtNVzLZyjdpXjg%2C%2C.778cUT3GXTSSD7nYHItzVBHNv1o%2C

Request Chain 33

• https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flistrain07241&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A3027%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A707724651349%3Ahid%3A396447626%3Az%3A120%3Ai%3A20210823202656%3Aet%3A1629743216%3Ac%3A1%3Arn%3A834593787%3Au%3A1629743216944034492%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629743213160%3Ads%3A1%2C2419%2C416%2C0%2C0%2C0%2C%2C96%2C7%2C%2C%2C%2C2936%3Adsn%3A1%2C2419%2C416%2C1%2C0%2C0%2C%2C98%2C7%2C%2C%2C%2C2936%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629743216%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
• https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flistrain07241&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A3027%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A707724651349%3Ahid%3A396447626%3Az%3A120%3Ai%3A20210823202656%3Aet%3A1629743216%3Ac%3A1%3Arn%3A834593787%3Au%3A1629743216944034492%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629743213160%3Ads%3A1%2C2419%2C416%2C0%2C0%2C0%2C%2C96%2C7%2C%2C%2C%2C2936%3Adsn%3A1%2C2419%2C416%2C1%2C0%2C0%2C%2C98%2C7%2C%2C%2C%2C2936%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629743216%3At%3AAccount%20Suspended%20-%20Ask.fm

Request Chain 44

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=HzFIP3xuQUJPRFhFU3NPeFBkOExkMWZsdUNuZC9wdGU0aGhVdWh4K0lLZXpqQ2NDM0RMRTNtVG4xeVBHU2ZoZHdEdmRMREFqalJ1aUxuVUM1SVR5VmZ1a3ovRHFrenpJU2JUNEZqVHIzdjc1a3d3MnVmbFN2K09OdVhoK2I2T2prbjIvQm9qOXV2UjNZckFJSUE5cEpJUUdiT3BCdW5UaDFSSytpYkxqOEc2M0N3cE9GNjlobUZQMjVWeGtkMTV2MHdNazdxSEwrYW1vQjBCdTQ1TngxLzR0NTVRPT18&cppv=2

Request Chain 71

• https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=pubmatic&uid=AFBDC61D-23A6-4682-AE19-B7A973372CA7

Request Chain 72

• https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D138f7b85-7e8b-4738-81d3-df4c74ca799f%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
• https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=appnexus&uid=5821560265530307012

Request Chain 74

• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=138f7b85-7e8b-4738-81d3-df4c74ca799f HTTP 302
• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=138f7b85-7e8b-4738-81d3-df4c74ca799f&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=138f7b85-7e8b-4738-81d3-df4c74ca799f&apid=UPb4eeeb44-043f-11ec-9961-06778dd1898e HTTP 302
• https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=138f7b85-7e8b-4738-81d3-df4c74ca799f&apid=UPb4eeeb44-043f-11ec-9961-06778dd1898e&verify=true HTTP 302
• https://prebid.a-mo.net/setuid/verizon_video?uid=UPb4eeeb44-043f-11ec-9961-06778dd1898e&gdpr=0&gdpr_consent=

Request Chain 75

• https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
• https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
• https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=index_rtb&uid=YSPodGMdlkMzfq8mfXktEwAA%261114

Request Chain 76

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=sovrn&uid=3171cee3cac5f282ada41c8f

Request Chain 79

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5821560265530307012

Request Chain 81

• https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
• https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 82

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://sync.quantumdex.io/setuid?bidder=sovrn&uid=12907025312ecaadc24dacec

Request Chain 83

• https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bf33e829-197a-4448-9e1e-7d606fc4f659

Request Chain 84

• https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb4eeeb44-043f-11ec-9961-06778dd1898e HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb4eeeb44-043f-11ec-9961-06778dd1898e&verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb4eeeb44-043f-11ec-9961-06778dd1898e

Request Chain 85

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5821560265530307012

Request Chain 86

• https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
• https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=7d6a861a-7dc3-4384-a888-41bf43e06c64

Request Chain 87

• https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YUQQfKRE2uF9gRwGCTaHRgtMZ37aH7o1VblG3Tg-~A

Request Chain 95

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&dcc=t

Request Chain 96

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSPodGMdlkMzfq8mfXktEwAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL7_tS0KYDZCZGAljog-1Aw&google_cver=1&gdpr=1

Request Chain 98

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP-BtiriEGlddhMBH9qebyo&google_cver=1

Request Chain 99

• https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
• https://um.simpli.fi/no_match_opted_out

Request Chain 101

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YSPodQADwC6Y1wBg HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSPodQADwC6Y1wBg&gdpr=1&_test=YSPodQADwC6Y1wBg

Request Chain 102

• https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7182825396338177316

Request Chain 104

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSPodGMdlkMzfq8mfXktEwAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG7zxbIl17AlcUnRIGQBWic&google_cver=1&gdpr=1

Request Chain 105

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&dcc=t

Request Chain 106

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOqWDiI_K03rmadrv6-ZHKY&google_cver=1

Request Chain 108

• https://ums.acuityplatform.com/tum?umid=8 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=601917756376

Request Chain 109

• https://sync.extend.tv/r.gif?exchange=index HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=57c68094-c1df-4498-81fa-eeb7d82a1fc8

Request Chain 110

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632335220

Request Chain 111

• https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=918b6123-e875-4900-9de5-5e06123f8144&gdpr=1&gdpr_consent=

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	410 Gone	Primary Request Cookie set listrain07241 Show response ask.fm/	11 KB 12 KB	2836ms 415ms	Document text/html	193.138.77.142 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/listrain07241 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.142 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 500cd237f3b8a9da4957a8c596df77250506b9eccf622cb7ef98f25f950bfbd2 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host ask.fm Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Status 410 Gone Cache-Control no-cache X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Date Mon, 23 Aug 2021 18:26:55 GMT Set-Cookie locale=en; path=/; expires=Wed, 24 Aug 2022 00:26:55 -0000 uuid=728ea2c1-ebc6-4b78-a059-71d1e60bc6b2; path=/; expires=Wed, 24 Aug 2022 00:26:55 -0000; secure; HttpOnly country=BE; path=/; expires=Wed, 24 Aug 2022 00:26:55 -0000 _m_ask_fm_session=ejJpRzBtczZyWDJEMnVqTkU4SUpmWVQ1TTR0UkpacW5KWGRGTFJmcUlLdTRZbG5LK3dVZjNkQmN1VlRuelBvQk5hTXNVbnFhNGV1b0xtbUFEZTZZZHB4R2lrWXV2RGRMenhpUlo3YVlIMDRnZndnMjZWZE04WFQvZEZCd3Y4MEcyK2dFTmZGL3ErRW1oMEY1aVRwRGxMQ2FDb3lBclBXNjlGQ0ZRWnVuL0hPSUxmWWFHdkF1d2E4YzlhNXJaS0hITXhqdFQ1L2MvMlNmaTRMcEJ1ekVoNGcxMldldGxRYm05S213dzhkaThyc3ZFc1gyRHNNUGJhWEltWmFDc2M4Vy0tQlJlejN2TjFNYmZUMmxUT25qWEQ5Zz09--cb79af8a6033791934929b812a2a1f341ef84d66; path=/; expires=Thu, 26 Aug 2021 18:26:55 -0000; secure; HttpOnly Server Ask.FM Web Service Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000
GET H2	200	application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css d3r6ceqp4shltl.cloudfront.net/assets/	184 KB 39 KB	51ms 16ms	Stylesheet text/css	2600:9000:2190:5800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:5800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 6bf4d1a5ab84231d4d77a7aa49811be50601ad46f93002a7dfc4b29403980787 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:23:34 GMT content-encoding gzip age 453802 x-cache Hit from cloudfront access-control-max-age 3000 content-length 39692 access-control-allow-origin https://ask.fm last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-9b0c" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type text/css via 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 x-amz-cf-id g7nJ6HJEAM2X5WiTV8Yex_7WoNMyanIcOfRde5blh3yJQk9ejDfU1A== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Show response d3r6ceqp4shltl.cloudfront.net/assets/	217 KB 68 KB	62ms 27ms	Script application/javascript	2600:9000:2190:5800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:5800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:06:37 GMT content-encoding gzip age 454819 x-cache Hit from cloudfront access-control-max-age 3000 content-length 69074 access-control-allow-origin https://ask.fm last-modified Wed, 18 Aug 2021 07:22:53 GMT server Ask.FM Web Service etag "611cb54d-10dd2" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type application/javascript via 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 x-amz-cf-id Ah6i4ymWLg3xAZdDXlyHJT5fAMCqEOMpB_Qo2q3v5m3FaPn1omPCJg== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	account-suspended.gif d3r6ceqp4shltl.cloudfront.net/images/errors/	380 KB 380 KB	27ms 27ms	Image image/gif	2600:9000:2190:5800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:5800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 15:38:28 GMT via 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront) age 442108 x-cache Hit from cloudfront content-length 388641 last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-5ee21" strict-transport-security max-age=63072000 content-type image/gif cache-control max-age=315360000, public content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id 69TM2NMBFbq5wPT6GbL4IwBQQbWi7l-IcZQlMTxrtZh65DW0TpgA1A== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	224 KB 72 KB	49ms 48ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash ff1343d1a8da5acf42773c36549ced52929ee8cb0e95eaa11acc91a3c8c76914 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:26:56 GMT content-encoding br last-modified Mon, 23 Aug 2021 15:54:40 GMT etag "6123bebf-11d30" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 73008 expires Mon, 23 Aug 2021 19:26:56 GMT
GET H2	200	227932.jpg d16vsmxl4d5tw1.cloudfront.net/722/01eae/8e52/4add/a2ae/2eebab83daed/thumb/	1 KB 2 KB	80ms 44ms	Image image/jpeg	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/722/01eae/8e52/4add/a2ae/2eebab83daed/thumb/227932.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2b8e1b737cd2849eca99be1bc4376eaddaf8a7c0443b2009768c2eafaecc4820 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id mEBLvPbS1VizwTBQqFyv969N8muPC2j1 via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Wed, 03 Jan 2018 21:56:33 GMT server AmazonS3 age 5677 etag "fb3c542d9a1990a887f08243ae58db6d" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 16:52:20 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 1334 x-amz-cf-id y-0NjhNvphomY2iAolR0ZkxHzTkYB_mLqCel9gsew9IQMbPE7RPHcg==
GET H2	200	79807.jpg dbq8hrmshvuto.cloudfront.net/b5c/30668/0d9b/45c3/b4dd/860ce3de47fc/thumb/	5 KB 5 KB	48ms 9ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/b5c/30668/0d9b/45c3/b4dd/860ce3de47fc/thumb/79807.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2048e95e459e79778874cf533c1e773b1b97546cdb8a9d2314fcd8f9cada81e3 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 3LDLcJv3HmzUXm6k7179CVH5MmG0jPdR via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Thu, 15 Jul 2021 19:14:56 GMT server AmazonS3 age 6707 etag "dec6be0d1d9f62a692bdfe85af4a23d3" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 16:35:10 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 4975 x-amz-cf-id EbDHlx0ZFTqPjBZQayu3Fs6IiRzoY8qtDGnT4-k0Czj6VQ8fAATNMA==
GET H2	200	img_20130519_015342.jpg dbq8hrmshvuto.cloudfront.net/assets/171/595/816/normal/	77 KB 78 KB	62ms 24ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets/171/595/816/normal/img_20130519_015342.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 19f8c97a4eafe8192baf4fac35edb237ee16a41d999aef3ede9b139379516462 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 11:48:00 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Sun, 26 May 2013 15:58:23 GMT server AmazonS3 age 369536 etag "ee8d6da3c960fcb48b42a82b61198d7a" x-cache Hit from cloudfront x-amz-version-id null x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 78928 x-amz-cf-id cXMNvkwyXTsht35ou0QALPF0TXc_RLkkz3EIQ_ZIAVpqrzKQPJfR4A== expires Fri, 26 May 2023 14:46:41 GMT
GET H2	200	379994.jpg d16vsmxl4d5tw1.cloudfront.net/dd8/ff18f/c204/4335/82cf/b0dfb1bb0143/thumb/	4 KB 4 KB	55ms 21ms	Image image/jpeg	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/dd8/ff18f/c204/4335/82cf/b0dfb1bb0143/thumb/379994.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a23779cf882ade0fea1138b0ced12c6de7ad0a2dd8e39fe964153f595cb92ec5 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id hHEeEF1KMhLQJ5bqxvfZxUIZVTcOscj6 via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Sun, 19 Nov 2017 23:06:37 GMT server AmazonS3 age 6706 etag "78e0a4c824390b296ead3a877c2e34d4" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 16:35:11 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 3972 x-amz-cf-id aW3t7L6THYOaab6YHqyE8mVDfsNWl-ELCBTbOOUOhRgAJlILweuVxA==
GET H2	200	293067.jpg d16vsmxl4d5tw1.cloudfront.net/bbb/03d59/bfe5/428c/9aa3/b8dcf6c4a627/thumb/	4 KB 5 KB	56ms 22ms	Image image/jpeg	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/bbb/03d59/bfe5/428c/9aa3/b8dcf6c4a627/thumb/293067.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dc820ce6be1d2eff7eccea4187fe6fd681d8b941e9a49288499bbfa6901daf85 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 85YVBqLAtg78dc8wiAOr3AaMHNOmqoR5 via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Fri, 30 Nov 2018 12:25:07 GMT server AmazonS3 age 6706 etag "159ec3b0a746caed169745a1489c20a5" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 16:35:11 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 4549 x-amz-cf-id F_pPQbdqLijtHnJKP9JVG29nX7qDF--pgad2gAcBbRNZQyqdFzkurw==
GET H2	200	foto1035.jpg dbq8hrmshvuto.cloudfront.net/assets/097/750/144/normal/	38 KB 39 KB	56ms 19ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets/097/750/144/normal/foto1035.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f5e14f2ab375e8f2933e5f69411dfbffe40053c92bc078289d3df44ad637669b Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Aug 2021 14:31:27 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Tue, 22 Jan 2013 18:38:21 GMT server AmazonS3 age 878130 etag "50e4e983e0beb9550f0e14931a22350a" x-cache Hit from cloudfront x-amz-version-id null x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 39235 x-amz-cf-id 4UZJtNkonZb0OECmShvW05QkShCei-oUIVGPpQwaq-llzkYCiI_OIQ== expires Sun, 22 Jan 2023 10:07:39 GMT
GET H2	200	cousine.jpg dbq8hrmshvuto.cloudfront.net/assets/285/411/185/normal/	42 KB 43 KB	49ms 12ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets/285/411/185/normal/cousine.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f6260d011aaddf6c8026d9a9b165095f26a3f523ed0618974558c73fdf686d3e Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 17:56:53 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Wed, 23 Oct 2013 18:59:43 GMT server AmazonS3 age 433804 etag "31d486b940485682970e4dcdd63a0dd2" x-cache Hit from cloudfront x-amz-version-id null x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 43286 x-amz-cf-id rj25ggvy70ZiPeEIAEPf0Tx2Y1PcloxLII5c7g-5heTZMKiJgTSRxw== expires Mon, 23 Oct 2023 16:58:58 GMT
GET H2	200	121549.jpg d16vsmxl4d5tw1.cloudfront.net/bff/2a1a3/8b4e/47df/a48b/801203b564b0/thumb/	364 B 765 B	63ms 30ms	Image image/jpeg	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/bff/2a1a3/8b4e/47df/a48b/801203b564b0/thumb/121549.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c6f74c2d435feeee02136936f5eba6ff053e126e0f79d4932bfc10487e2a6409 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 22 Aug 2021 23:54:21 GMT via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Sun, 03 Nov 2019 04:10:06 GMT server AmazonS3 age 66756 etag "77da7dc203ada1ec1db75ec4d0bc06f4" x-cache Hit from cloudfront x-amz-version-id xOeOEu.XpOkeuP3sKPBfnDZOu5dn6Ydm x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 364 x-amz-cf-id 9_3eQjFWfOXGSQxmFwhxhlMHpGCbQ5gZYl3VvxQu-7Yr6ztQvuy_Lg==
GET H2	200	3654351.jpg d16vsmxl4d5tw1.cloudfront.net/0cc/ff9e7/118e/4be1/a2c9/b71bd13a46b0/thumb/	3 KB 3 KB	55ms 22ms	Image image/jpeg	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/0cc/ff9e7/118e/4be1/a2c9/b71bd13a46b0/thumb/3654351.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 68621587dd7c12a21179182cd9a13dc5ad555109f55db23b946097afe8a73206 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 22 Aug 2021 23:47:02 GMT via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Fri, 08 Sep 2017 11:17:55 GMT server AmazonS3 age 67195 etag "ca539ef53f9f53e39c1531f247f413e7" x-cache Hit from cloudfront x-amz-version-id gm8Cc2gbk4kts10.W2NNEPP6C4JTY_g0 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 2758 x-amz-cf-id yfP-ron1eDBKnDuKkNuHpLwYDCDh7x0zoGUIVdS_0fSW3gwzyq78bA==
GET H2	200	2773.jpg d16vsmxl4d5tw1.cloudfront.net/c45/95bd5/4a28/4b6d/b932/413ac87557a3/thumb/	4 KB 4 KB	27ms 23ms	Image image/jpeg	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/c45/95bd5/4a28/4b6d/b932/413ac87557a3/thumb/2773.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 53ba070f60f7f26feeb5739ced44f9cb53562b3639ed9400e854ebfa5795b789 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 10:10:44 GMT via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Wed, 14 Aug 2019 10:32:59 GMT server AmazonS3 age 29773 etag "63bd7a1bf2443c4dc91d63c9b9ed369f" x-cache Hit from cloudfront x-amz-version-id xmFzUnlFmY0yeZZaaLbgKUtlKLQw1dq. x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 4164 x-amz-cf-id W0oMeERtnxJCgiC6FUb_hryeoc2zSJgUnYACsQOHp6i3XotJZkwxow==
GET H2	200	21454.jpg dbq8hrmshvuto.cloudfront.net/3fd/9f782/342b/4526/90b0/d98385163b0a/thumb/	3 KB 4 KB	446ms 443ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/3fd/9f782/342b/4526/90b0/d98385163b0a/thumb/21454.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0e613dc2d51069383ec3acbb73119510e153e8b5ffacd4f3b64debe1c0328e4e Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:26:57 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Tue, 18 Aug 2020 17:46:20 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "fe79a006e15c1f40dde5ddba44d4be02" x-cache Miss from cloudfront x-amz-version-id AGWgzY3KPN43BTJ7gpNqcwyZVIaCwPCm x-amz-storage-class REDUCED_REDUNDANCY accept-ranges bytes content-type image/jpeg content-length 3331 x-amz-cf-id iFANPQDUuhK4gIKkPYwKDizYJAkiSHEuBvLKEvotXYxF-f5WyUjZig==
GET H2	200	87858.jpg d16vsmxl4d5tw1.cloudfront.net/886/7d0a3/e36e/4b7b/946d/1a50a43b850d/thumb/	5 KB 5 KB	27ms 24ms	Image image/jpeg	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/886/7d0a3/e36e/4b7b/946d/1a50a43b850d/thumb/87858.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 95ee0bffc54b6c9cd0003a68b24ec1dee031a4e8f2f200e005882af6c79815e6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 05:38:44 GMT via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Wed, 30 Jan 2019 20:26:07 GMT server AmazonS3 age 46093 etag "714db415c8703d2f00ae343f0f175074" x-cache Hit from cloudfront x-amz-version-id ceId7rqoHSM499YWyanOAucXB1bdYcm0 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 4903 x-amz-cf-id Lg_bFXVJMj9GhRXS_7bVKZQeZnPA8lVSlia2hL5xK2_MQ-24_zkmkg==
GET H2	200	59529.jpg dbq8hrmshvuto.cloudfront.net/b0f/d652d/820f/467b/be74/c279ca425f0d/thumb/	4 KB 4 KB	17ms 14ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/b0f/d652d/820f/467b/be74/c279ca425f0d/thumb/59529.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 751ad759d91f1d952f1347ab1c466526a544a76ccf6f1574fb2e2b970f3da4ae Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 11:48:46 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Wed, 07 Apr 2021 08:49:42 GMT server AmazonS3 age 23891 etag "80c8d333f8b3b3129ee047cfe7753a45" x-cache Hit from cloudfront x-amz-version-id XOdcDGm5QnGbkqTbXsqymlzA3pIY86Ye x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 3714 x-amz-cf-id ZxLsW3zImRtzHkSVH4L86P11No_mJ4jQK6YlkjdotqVH9lcmpqdZkQ==
GET H2	200	15246.jpg d16vsmxl4d5tw1.cloudfront.net/6c9/6c6e9/1e3a/4e27/accf/f28535dc4a81/thumb/	2 KB 2 KB	26ms 23ms	Image image/jpeg	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/6c9/6c6e9/1e3a/4e27/accf/f28535dc4a81/thumb/15246.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e491b3d1884a4b75c4a4692d0a75999f94f52d38f760221a3461faa8e28b7db2 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 22 Aug 2021 23:45:42 GMT via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Sun, 23 Jun 2019 15:23:51 GMT server AmazonS3 age 67275 etag "6400689c191a18884067afd066f96a81" x-cache Hit from cloudfront x-amz-version-id 4LXFXuGHRmzAtMwhfuHoAYruUMCNTJ82 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 1816 x-amz-cf-id oo3AApCDbqcXxEJXL5qAYHFJgacgnlvAi2YwjnzdlRtue0SgBXa20Q==
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/136/491/305/728/normal/	91 KB 92 KB	18ms 15ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/136/491/305/728/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 30ef00266617c415fef9326aaeaaec06219ad62eb7916fb4b3b0a909275ecb66 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 11:48:00 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Sun, 29 Nov 2015 14:31:14 GMT server AmazonS3 age 369537 etag "6b00e0a03ccaaa60966fdd00f0dd1001" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 93625 x-amz-cf-id xT0oUV0kbEgooOoVZvS2LIu-EYzMAkZgPQL2k6TTx__OxUG2tXByGw== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/092/956/514/560/normal/	33 KB 34 KB	21ms 18ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/092/956/514/560/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ddc2538fe194c4416bda793aaf24a89d206357c5890a2b6e6f9e75a937c24b3d Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 14:06:59 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2015 19:26:16 GMT server AmazonS3 age 15598 etag "a984f92c8223aaba7784e9ff7d92acc7" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 33906 x-amz-cf-id -tz1El-rLqYC7Ok4ukwyE6w3w3h531hFXohRjIS6-jIWEs9GDFw4fg== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	196709.jpg dbq8hrmshvuto.cloudfront.net/e03/cd9bd/5525/4393/8946/490ffe9d3765/thumb/	3 KB 4 KB	24ms 22ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/e03/cd9bd/5525/4393/8946/490ffe9d3765/thumb/196709.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 30b7d84619a37b1a8422c0e51320ae2718e01a0be7ebc0d003afe405b384bdc8 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 07:14:58 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Fri, 17 Apr 2020 22:11:24 GMT server AmazonS3 age 40318 etag "26547b7a41a6d0e04d725c74f3e55e5a" x-cache Hit from cloudfront x-amz-version-id bzER9OwnvZABQgI5Dz73C88mxi..Td3N x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 3356 x-amz-cf-id R5H9MAdIBJbnPYmPmg-P7x9qFCwQ6G4XRCX9mLEW62oHSNNNm-JsGQ==
GET H2	200	29537.jpg d16vsmxl4d5tw1.cloudfront.net/b91/b723b/e755/46b4/8154/93ce13d5b72a/thumb/	4 KB 4 KB	30ms 27ms	Image image/jpeg	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/b91/b723b/e755/46b4/8154/93ce13d5b72a/thumb/29537.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a82f4bda79b6674255d6adb977a14f9aa7c382378e7ce56c7d71daf52bf6c6ca Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 22 Aug 2021 20:51:36 GMT via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Sat, 21 Jul 2018 20:46:57 GMT server AmazonS3 age 77720 etag "4f54289cb089883e9d6e868e5b79cb00" x-cache Hit from cloudfront x-amz-version-id pJ5gYy0b1B3Vw8Qw6uPNgVQ2b0vCPZZl x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 3741 x-amz-cf-id uuCOIrGPOwPTfCqvh0cqjCcju9ljfCkvt8Ri1BO4gTs4sawsbFrYQQ==
GET H2	200	IMG_2454.jpg dbq8hrmshvuto.cloudfront.net/assets2/121/114/057/984/normal/	82 KB 82 KB	22ms 20ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/121/114/057/984/normal/IMG_2454.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 68f3d9d01825de3ed12c8767d877770654bd7653d69a2c0f0b4024ac369da002 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 07 Aug 2021 12:13:59 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Tue, 25 Aug 2015 13:03:11 GMT server AmazonS3 age 1404778 etag "28058f6be999f82afcbb79ad73affa20" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 83951 x-amz-cf-id Gm_7CmA9YHqY6CjvVCKY74ou9ZDMAJb2TSnQ_3a7Ew7pD_D_lsajDQ== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	1186329_638092392900255_2094709901_n.jpg dbq8hrmshvuto.cloudfront.net/assets2/101/855/885/824/normal/	53 KB 54 KB	26ms 23ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/101/855/885/824/normal/1186329_638092392900255_2094709901_n.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 38b61cad7f6803540be077d71f4520c81393721818316a30eb7082e64a910ad8 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 23:24:03 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Fri, 22 May 2015 18:20:38 GMT server AmazonS3 age 154974 etag "596ecd37bb21681057c2dace6d22ec3f" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 54536 x-amz-cf-id lVZyHUmLvESNBkthgKhEfOjWl5FHghtMEwe_H6fA16et1Hs871lH0w== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	71356.png d16vsmxl4d5tw1.cloudfront.net/5f6/e0390/634a/4d93/8d6d/597b448bb221/thumb/	12 KB 13 KB	28ms 25ms	Image image/png	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/5f6/e0390/634a/4d93/8d6d/597b448bb221/thumb/71356.png Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ca2ea7446966448888bb0e01b3997b68744895094859667d6aa8730af75fdc1e Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 14:07:06 GMT via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Wed, 04 Dec 2019 19:37:41 GMT server AmazonS3 age 15591 etag "6d89214d987fb1cc2313ec82d15db88d" x-cache Hit from cloudfront x-amz-version-id UUOiIDKeiFCDOfZKHIr8Zjc00qub2Y5t x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/png content-length 12389 x-amz-cf-id xcT5Oq9dWGcOuReIOy5egqEH5PH0b9bVryLO5p-Hj45HGTs5V0HSRg==
GET H2	200	avatar.jpg dbq8hrmshvuto.cloudfront.net/assets2/069/788/249/344/normal/	43 KB 43 KB	25ms 22ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/069/788/249/344/normal/avatar.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6ce4df8f8751fa94b8cac5db18772ef83b9d5627bdcb1a9e07a266be6313a11e Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 17:56:53 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Thu, 25 Dec 2014 04:59:08 GMT server AmazonS3 age 433804 etag "697a896dfee2fc5b24b8dfe941330915" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 43995 x-amz-cf-id XSd35dra58SUR5WsTtKOQEKSjGKhhj3e705BcEioYfaLAEFFs1vR7w== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	214115.jpg dbq8hrmshvuto.cloudfront.net/39f/1b0c5/0805/488a/99be/f4c917f7452d/thumb/	1 KB 2 KB	23ms 21ms	Image image/jpeg	2600:9000:20eb:c000:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/39f/1b0c5/0805/488a/99be/f4c917f7452d/thumb/214115.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:c000:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5e8af22fa0b7989af0d71d8e3b6ba781855784ac685f0048e65222a99f7e49a6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 03:35:57 GMT via 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) last-modified Thu, 28 Jan 2021 22:02:39 GMT server AmazonS3 age 53460 etag "bf7a163caaac7a8e6d79a3c0c11a1c16" x-cache Hit from cloudfront x-amz-version-id ncx_d6vHFOrUslu7LRlkAB5NbSnlBW7f x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 1206 x-amz-cf-id FfgKJ87rNvgXIsa_tVhn65YnWb0p4NbEtM96wkMyZA_VIiCJdCQD_w==
GET H2	200	39488.jpg d16vsmxl4d5tw1.cloudfront.net/be8/b7b4a/5767/4aaf/be2d/294fb0e3ec55/thumb/	2 KB 3 KB	32ms 30ms	Image image/jpeg	2600:9000:2190:d600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/be8/b7b4a/5767/4aaf/be2d/294fb0e3ec55/thumb/39488.jpg Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:d600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ae1c3067b31707164e8392546e78d10bf320cfd4c737e4c8405088d68730828a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id sm445n7VNTGm0N_byZqcMr8b4b4Ck_GX via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) last-modified Sat, 11 May 2019 11:13:02 GMT server AmazonS3 age 3847 etag "6f39e6436e474e725ac0e1cdbc10951a" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 17:22:50 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 2290 x-amz-cf-id uG1sz63LdWr6oIUgBSBLWZVumallELfyoAPe1Zd9bU1PgT0jBAtWiw==
GET H2	200	fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	17 KB 18 KB	41ms 14ms	Font application/font-woff2	2600:9000:2190:5800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:5800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 07 Jul 2021 00:42:37 GMT via 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 4124659 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 17880 last-modified Thu, 29 Apr 2021 05:41:49 GMT server Ask.FM Web Service etag "608a471d-45d8" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id -6WOf4fUmy2o479FH5rkcprKGZplet2sQV0jlm17yyMuHrkq30DXLw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	25 KB 25 KB	48ms 21ms	Font application/font-woff2	2600:9000:2190:5800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:5800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:14:43 GMT via 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 15491533 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 25400 last-modified Wed, 06 Sep 2017 12:36:34 GMT server Ask.FM Web Service etag "59afebd2-6338" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id cZ3FrH6BClUWpcBqZT2qk3N5HAiFowsqtlOsyCdmu3wNkXUPaHiung== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	51 KB 52 KB	53ms 26ms	Font application/font-woff2	2600:9000:2190:5800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:5800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 25 Jul 2021 00:59:21 GMT via 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 2568454 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 52204 last-modified Wed, 02 Aug 2017 08:00:22 GMT server Ask.FM Web Service etag "59818696-cbec" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id 4iguH4NG480oG-DTr-qdQC0HfAdxNWWRbA2WclPeIaMYxw7OQK0C_Q== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9374.nziMiBSdzylLfA5SfVHfGnUVSnmy8hNvzWXAwZpfcy9OIbVyF4mV9_r13JaMF7RQ.dFr7BjjmTzUgC-EfoauVYASoFQA%2C https://mc.yandex.com/sync_cookie_image_decide?token=9374.ydJwrquswHiqSxumAY_Sov_PO8xaS4eILk-vaIkyhkTlLHKnAdmnuY6r1TEwwhuBxU8cQFl3BtNVzLZyjdpXjg%2C%2C.778cUT3GXTSSD7nYHItzVBHNv1o%2C	75 B 75 B	51ms 51ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9374.ydJwrquswHiqSxumAY_Sov_PO8xaS4eILk-vaIkyhkTlLHKnAdmnuY6r1TEwwhuBxU8cQFl3BtNVzLZyjdpXjg%2C%2C.778cUT3GXTSSD7nYHItzVBHNv1o%2C Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:26:56 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9374.ydJwrquswHiqSxumAY_Sov_PO8xaS4eILk-vaIkyhkTlLHKnAdmnuY6r1TEwwhuBxU8cQFl3BtNVzLZyjdpXjg%2C%2C.778cUT3GXTSSD7nYHItzVBHNv1o%2C date Mon, 23 Aug 2021 18:26:56 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 100 B	48ms 48ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:26:56 GMT last-modified Mon, 23 Aug 2021 15:54:40 GMT etag "6123bebf-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Mon, 23 Aug 2021 19:26:56 GMT
GET H2	200	1 Show response mc.yandex.com/watch/48953915/ Redirect Chain https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flistrain07241&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A3027%3Afu%3A0%3Aen%3Autf-8%... https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flistrain07241&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A3027%3Afu%3A0%3Aen%3Autf-...	383 B 465 B	57ms 56ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flistrain07241&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A3027%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A707724651349%3Ahid%3A396447626%3Az%3A120%3Ai%3A20210823202656%3Aet%3A1629743216%3Ac%3A1%3Arn%3A834593787%3Au%3A1629743216944034492%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629743213160%3Ads%3A1%2C2419%2C416%2C0%2C0%2C0%2C%2C96%2C7%2C%2C%2C%2C2936%3Adsn%3A1%2C2419%2C416%2C1%2C0%2C0%2C%2C98%2C7%2C%2C%2C%2C2936%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629743216%3At%3AAccount%20Suspended%20-%20Ask.fm Requested by Host: ask.fm URL: https://ask.fm/listrain07241 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 01c75052a014eea7a040e2cb9b014f2584ac05b55cbed85768070ec559366a25 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 23 Aug 2021 18:26:56 GMT x-content-type-options nosniff last-modified Mon, 23-Aug-2021 18:26:56 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 383 x-xss-protection 1; mode=block expires Mon, 23-Aug-2021 18:26:56 GMT Redirect headers pragma no-cache date Mon, 23 Aug 2021 18:26:56 GMT last-modified Mon, 23-Aug-2021 18:26:56 GMT location /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Flistrain07241&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A3027%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A707724651349%3Ahid%3A396447626%3Az%3A120%3Ai%3A20210823202656%3Aet%3A1629743216%3Ac%3A1%3Arn%3A834593787%3Au%3A1629743216944034492%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629743213160%3Ads%3A1%2C2419%2C416%2C0%2C0%2C0%2C%2C96%2C7%2C%2C%2C%2C2936%3Adsn%3A1%2C2419%2C416%2C1%2C0%2C0%2C%2C98%2C7%2C%2C%2C%2C2936%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629743216%3At%3AAccount%20Suspended%20-%20Ask.fm strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Mon, 23-Aug-2021 18:26:56 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fb010162c0bc23ed200747757660694cf241f3ca4cc33056d9f8ac5ad00ec0ce Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 7rERXa5OYWODTkQ8X3nyaQ== cross-origin-resource-policy cross-origin expires Mon, 23 Aug 2021 18:32:23 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1687 x-fb-rlafr 0 x-fb-debug bGd5RUzgw9OvSo3J9pTXdWsaMw5F8aPVYh5WSFhaYWYhg3UEvY0xIn81Kq+N+D2jv9+T7VmoVorpzpskO3Dd0A== x-fb-trip-id 686109401 x-fb-content-md5 200ced0105d9db994254eaabee73f5df cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Mon, 23 Aug 2021 18:26:56 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "77713896d383fb6f56fb803903a457c6" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	gtm.js Show response www.googletagmanager.com/	90 KB 36 KB	14ms 14ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 929c345e574a393912ada894610354e833f938c4edceb2373ddbd0021128c69f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:26:56 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36436 x-xss-protection 0 last-modified Mon, 23 Aug 2021 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 23 Aug 2021 18:26:56 GMT
GET H2	200	3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response cmp.optad360.io/items/	2 B 360 B	47ms 13ms	Script application/javascript	2600:9000:2190:ee00:6:b871:4f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ee00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 17:49:27 GMT via 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront) last-modified Wed, 28 Apr 2021 09:49:58 GMT server AmazonS3 age 2250 etag "99914b932bd37a50b983c5e7c90ae93b" x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 2 x-amz-cf-id hApVhKsqxiPSo7YWOn81LoXdCbU-mjh8ULu1aZaZz7Sct6-rKajJWA==
GET H2	200	plugin.min.js Show response get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/	222 KB 49 KB	38ms 7ms	Script application/javascript	2600:9000:21f3:dc00:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:dc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 523f7c911bad399274fd6b5344f416d976335ea365a709e7400335a1b8a29d59 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:19:20 GMT content-encoding gzip last-modified Tue, 17 Aug 2021 15:08:20 GMT server AmazonS3 age 457 etag W/"4f6443b257506669739f71e2a9030d1b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront) cache-control public, max-age=3600 x-amz-cf-pop FRA2-C2 x-amz-cf-id tRe_IXYmV7AhB8xHSpqRBwsMJMnvltRQo-WTce771n2EhjCw8nV6qw==
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	230 KB 67 KB	8ms 8ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=0048c8821946a3434bd61b446eea4817 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 23f0d3e8a2587afd02e1a7d737d43a541d7c6659f45259bdb1edd39c8c3ba32b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 CETyFumfx2h6OhBOwXYkLw== cross-origin-resource-policy cross-origin expires Tue, 23 Aug 2022 17:43:34 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 68285 x-fb-rlafr 0 x-fb-debug Zch8zEzWoQZGdtpWLM93S719aJsnGekRt3jMPQpUzurWJVmEKRFgiqNQD8EzYIOGV9KEJXMBC1TkGHAbeWVNMg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 8775345d2f9be23ec0ea75ce88e2b4dd cross-origin-opener-policy same-origin-allow-popups date Mon, 23 Aug 2021 18:26:56 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "ef949db003a05d679b114517270b4d8b" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	/ www.facebook.com/tr/	44 B 147 B	6ms 6ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Flistrain07241&rl=&if=false&ts=1629743216651&sw=1600&sh=1200&at= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:26:56 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Mon, 23 Aug 2021 18:26:56 GMT
GET H2	200	prebid5.2.0.js Show response get.optad360.io/sf/	437 KB 135 KB	7ms 7ms	Script application/javascript	2600:9000:21f3:dc00:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/prebid5.2.0.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:dc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a923230515fe265da1f93fcd02d41e37ef4e6bc157358768313d7cb9e5efb7a6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 00:45:24 GMT content-encoding gzip last-modified Fri, 25 Jun 2021 12:08:33 GMT server AmazonS3 age 1186893 etag W/"3f120fb160292782175c18b2de386caf" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront) cache-control public, max-age=360000000 x-amz-cf-pop FRA2-C2 x-amz-cf-id 743ThWTfCHej6MuhXnxhcoXKc3Bp80P6ih5d1Xa73OLKE_ucMGp_Sg==
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	38ms 12ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 Protocol H2 Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1462 date Mon, 23 Aug 2021 18:26:55 GMT content-encoding gzip vary Accept-Encoding
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	577ms 263ms	Preflight	37.157.6.252 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Server 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Mon, 23 Aug 2021 18:26:57 GMT content-length 0 cache-control private access-control-allow-origin https://ask.fm access-control-allow-credentials true access-control-allow-methods GET, POST access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With access-control-max-age 86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	18ms 6ms	XHR application/json	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210823 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 056ca9e5ccf8bebe6f90ab7cfc6a3405d4185929f1b8361eea81d51f9e7a7dd2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 11608 x-jsd-version 1.0.1078 x-cache HIT cross-origin-resource-policy cross-origin content-length 938 etag W/"6a0-VlQrY62cAsNgXyAvKNCtpPKSNCo" x-served-by cache-fra19165-FRA x-jsd-version-type version date Mon, 23 Aug 2021 18:26:56 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 https://mug.criteo.com/sid?cpp=HzFIP3xuQUJPRFhFU3NPeFBkOExkMWZsdUNuZC9wdGU0aGhVdWh4K0lLZXpqQ2NDM0RMRTNtVG4xeVBHU2ZoZHdEdmRMREFqalJ1aUxuVUM1SVR5VmZ1a3ovRHFrenpJU2JUNEZqVHIzdjc1a3d3MnVmbFN2K09OdVhoK2...	324 B 586 B	59ms 19ms	XHR application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=HzFIP3xuQUJPRFhFU3NPeFBkOExkMWZsdUNuZC9wdGU0aGhVdWh4K0lLZXpqQ2NDM0RMRTNtVG4xeVBHU2ZoZHdEdmRMREFqalJ1aUxuVUM1SVR5VmZ1a3ovRHFrenpJU2JUNEZqVHIzdjc1a3d3MnVmbFN2K09OdVhoK2I2T2prbjIvQm9qOXV2UjNZckFJSUE5cEpJUUdiT3BCdW5UaDFSSytpYkxqOEc2M0N3cE9GNjlobUZQMjVWeGtkMTV2MHdNazdxSEwrYW1vQjBCdTQ1TngxLzR0NTVRPT18&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 688f43ea3ccc15319db60fc1deec1485cad0fca22951b041f6c79919a6fe7d48 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Mon, 23 Aug 2021 18:26:57 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2074 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Mon, 23 Aug 2021 18:26:56 GMT location https://mug.criteo.com/sid?cpp=HzFIP3xuQUJPRFhFU3NPeFBkOExkMWZsdUNuZC9wdGU0aGhVdWh4K0lLZXpqQ2NDM0RMRTNtVG4xeVBHU2ZoZHdEdmRMREFqalJ1aUxuVUM1SVR5VmZ1a3ovRHFrenpJU2JUNEZqVHIzdjc1a3d3MnVmbFN2K09OdVhoK2I2T2prbjIvQm9qOXV2UjNZckFJSUE5cEpJUUdiT3BCdW5UaDFSSytpYkxqOEc2M0N3cE9GNjlobUZQMjVWeGtkMTV2MHdNazdxSEwrYW1vQjBCdTQ1TngxLzR0NTVRPT18&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1963 content-length 455 expires 0
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 362 B	325ms 279ms	XHR application/json	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 688 B	58ms 20ms	XHR application/json	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:26:56 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid c5573ae5-7855-41a9-a695-8395a577efb9 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	apacdex Show response useast.quantumdex.io/auction/	0 625 B	250ms 232ms	XHR text/plain	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://useast.quantumdex.io/auction/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 23 Aug 2021 18:26:57 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods POST, GET access-control-allow-origin https://ask.fm report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeOXLE%2Fv0IroCnTZVe%2F7EjZlX6pbdkcSS6H%2ByztLBvf4LpMeMQdkWxCFDkmcHRq6plKw9E9EEST3mjb8aOGVuyhsCQmN31JhTJTUS38PF2xvIJ9eF9FhH9I4%2FB4ZA6na7wCMloE3EFjrV%2BSXO6YO0vkO"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 683664617bc5c2e5-FRA
POST H2	200	c Show response prebid.a-mo.net/a/	861 B 780 B	563ms 104ms	XHR application/json	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash 8205573acaf1886cf6bb8e68548b5f7dffb2c29e21147aa101436a8e2066a89d Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 23 Aug 2021 18:26:56 GMT content-encoding gzip server envoy vary origin, accept-encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 13 content-length 356
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	139 B 809 B	80ms 24ms	XHR application/json	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 160db1a8b970984d9e0e67a8cb665e932897cb65a57290887cffcbb41bf59088 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:26:56 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 63151320-df99-4e41-8d7b-a6e0d243fbc4 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 139 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	25 B 365 B	92ms 48ms	XHR application/json	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211dfc35bed79ab7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Flistrain07241%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212a9a3dea4e3811%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212a9a3dea4e3811%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212a9a3dea4e3811%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8b62effc3305b574db8430b90020130065a02131384953f5e983e96d9b3b331a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 23 Aug 2021 18:26:56 GMT content-encoding gzip x-ak-initial-geo CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://ask.fm x-cs-client-geo 28 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 45 x-ak-client-geo 28 expires Mon, 23 Aug 2021 18:26:56 GMT
POST H2	204	openrtb Show response adx.adform.net/adx/	0 402 B	207ms 144ms	XHR text/plain	37.157.6.252 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Mon, 23 Aug 2021 18:26:57 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	1663ms 1582ms	Preflight application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=HzFIP3xuQUJPRFhFU3NPeFBkOExkMWZsdUNuZC9wdGU0aGhVdWh4K0lLZXpqQ2NDM0RMRTNtVG4xeVBHU2ZoZHdEdmRMREFqalJ1aUxuVUM1SVR5VmZ1a3ovRHFrenpJU2JUNEZqVHIzdjc1a3d3MnVmbFN2K09OdVhoK2I2T2prbjIvQm9qOXV2UjNZckFJSUE5cEpJUUdiT3BCdW5UaDFSSytpYkxqOEc2M0N3cE9GNjlobUZQMjVWeGtkMTV2MHdNazdxSEwrYW1vQjBCdTQ1TngxLzR0NTVRPT18&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1209 date Mon, 23 Aug 2021 18:26:57 GMT content-encoding gzip vary Accept-Encoding
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 73 B	102ms 102ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=396447626&page-url=https%3A%2F%2Fask.fm%2Flistrain07241&rn=693128871&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629743219%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210823202658%3Au%3A1629743216944034492%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629743219 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 23 Aug 2021 18:26:58 GMT last-modified Mon, 23-Aug-2021 18:26:58 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 23-Aug-2021 18:26:58 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 157 B	93ms 92ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=396447626&page-url=https%3A%2F%2Fask.fm%2Flistrain07241&rn=890981346&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1629743219%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210823202658%3Au%3A1629743216944034492%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629743219 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 23 Aug 2021 18:26:58 GMT last-modified Mon, 23-Aug-2021 18:26:58 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 23-Aug-2021 18:26:58 GMT
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	269ms 269ms	Preflight	37.157.6.252 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Server 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Mon, 23 Aug 2021 18:26:59 GMT content-length 0 cache-control private access-control-allow-origin https://ask.fm access-control-allow-credentials true access-control-allow-methods GET, POST access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With access-control-max-age 86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	optad360.js Show response serving.stat-rock.com/player/	304 KB 95 KB	211ms 100ms	Script application/javascript	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://serving.stat-rock.com/player/optad360.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:26:59 GMT content-encoding gzip last-modified Fri, 18 Jun 2021 08:28:33 GMT server nginx etag W/"60cc5931-4beb9" vary Accept-Encoding content-type application/javascript cache-control public, max-age=600
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 362 B	31ms 31ms	XHR application/json	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H2	204	openrtb Show response adx.adform.net/adx/	0 401 B	79ms 78ms	XHR text/plain	37.157.6.252 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Mon, 23 Aug 2021 18:27:00 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	139 B 809 B	242ms 242ms	XHR application/json	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash ffad711d9b86a3d8125fe280ca9448a7fd4d5ba60889ce7c9a39d70d2e5f7f32 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:26:59 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid b6305f6d-621e-4424-ab69-b262f3b95368 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 139 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 688 B	20ms 20ms	XHR application/json	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:26:59 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 1e7fe5a9-b23f-4f15-8b6d-2246d7b7ca92 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated /	630 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	410 Gone	Cookie set listrain07241 Show response ask.fm/	11 KB 12 KB	408ms 408ms	XHR text/html	193.138.77.142 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/listrain07241 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.142 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash bc8ef9cb6471a46d82f112260bc2908fb112202bc24e03e0f48a7f856134a9fe Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/listrain07241 Connection keep-alive Referer https://ask.fm/listrain07241 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 23 Aug 2021 18:27:00 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Content-Type text/html; charset=utf-8 Status 410 Gone Cache-Control no-cache Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Wed, 24 Aug 2022 00:27:00 -0000 uuid=d2491c11-61ea-44a3-92ab-8df5afbbfbb2; path=/; expires=Wed, 24 Aug 2022 00:27:00 -0000; secure; HttpOnly country=BE; path=/; expires=Wed, 24 Aug 2022 00:27:00 -0000 _m_ask_fm_session=UHZxWWxTU09UNVNOMjAySXB1eTFicjRldXJxRldpK3dOdDhIRmw0QmQ3R2hyeEoyM3ozbEhrby96QWNqY01ZdmxkRDBrWHJteFgrNlQ3NkM3U3lqSFBvZXBlZ1haekU1Y0psSGo5ZEFIWTZLK1E5UzVMZTVrN1IwSU1hTm1vUENnQUFzOTJvT2Q4QmJDeHZCcFJSeHp4Ni9EY0xlQzZoU2E3TzhtSnpQZCtLQ05DL2xoR1NhQi9KcTBHSXR0MnJ5d3hNYXJuSFc4Y1hvOExnOTg2ZUhUejg5T2I1b2tPOHRvTWlxVlNOTmpaMkpOem1uZFlpTFZLalVjUUJkaDBpeC0tZTFtM01oN3c2TEdTT29OU3FURVhjdz09--3f3900af89dbbe4e6bdb10646de6470e8ed7dd7d; path=/; expires=Thu, 26 Aug 2021 18:27:00 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 163 B	159ms 71ms	Image image/gif	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629743220400.874&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Flistrain07241&t=339&v=91&width=400&z=p%3Adf%3Bv%3AinView%3B&r=0.38689998701159656 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Mon, 23 Aug 2021 18:27:00 GMT srvf 95.217.114.174 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	159ms 71ms	Image image/gif	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629743220400.874&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Flistrain07241&t=346&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.6929938511033664 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Mon, 23 Aug 2021 18:27:00 GMT srvf 95.217.114.174 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 2E68	52 KB 17 KB	111ms 48ms	Document text/html	2.18.232.130 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-232-130.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Tue, 24 Aug 2021 18:27:02 GMT Date Mon, 23 Aug 2021 18:27:00 GMT Connection keep-alive Vary Accept-Encoding
GET H2	200	/ Show response onetag-sys.com/usync/ Frame B156	2 KB 823 B	25ms 24ms	Document text/html	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1629743219827 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1629743219827 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 0FF1	52 KB 17 KB	1730ms 1620ms	Document text/html	2.18.232.130 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-232-130.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Tue, 24 Aug 2021 18:27:02 GMT Date Mon, 23 Aug 2021 18:27:00 GMT Connection keep-alive Vary Accept-Encoding
GET H2	200	apacdex Show response sync.quantumdex.io/usersync/ Frame 5E51	3 KB 1 KB	137ms 129ms	Document text/html	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/usersync/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0eb58434e68fac619c9e550e9a59e75f7215542f662725e3a27fbea15ca5d5f Request headers :method GET :authority sync.quantumdex.io :scheme https :path /usersync/apacdex pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers date Mon, 23 Aug 2021 18:27:00 GMT content-type text/html set-cookie uid=c99b9295-7e07-4d09-a069-a2641a363cc0; expires=Sun, 12 Sep 2021 18:27:00 GMT; domain=quantumdex.io; path=/; secure; SameSite=None cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHrfPFnrQpdh57V%2BzJCGPILdB2O%2F6DRtFSym6F8OJmEJV7uTZuFIfr3nLkc1qfJn%2BmkZtpG5LFsvIQ%2FE0eKunzsDxvxAzUyC%2BxNLPbNw%2Bzce6ZN%2FY%2FCFxAa0OhsyTZCLEmVHURHowksQcR4UB3VkPg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 683664791f71c2e5-FRA content-encoding br
GET H/1.1	200 OK	ixmatch.html Show response js-sec.indexww.com/um/ Frame EADF	2 KB 1 KB	149ms 85ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c Request headers Host js-sec.indexww.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Server Apache Last-Modified Thu, 11 Feb 2021 16:12:45 GMT ETag "e20015-90b-5bb11ca420f07" Accept-Ranges bytes P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Content-Encoding gzip Content-Length 1151 Date Mon, 23 Aug 2021 18:27:00 GMT Connection keep-alive
GET H2	200	/ Show response onetag-sys.com/usync/ Frame B07D	2 KB 823 B	225ms 224ms	Document text/html	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1629743217178 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1629743217178 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=pubmatic&uid=AFBDC61D-23A6-4682-AE19-B7A973372CA7	0 158 B	92ms 92ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=pubmatic&uid=AFBDC61D-23A6-4682-AE19-B7A973372CA7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:00 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy vary Accept-Encoding Redirect headers location https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=pubmatic&uid=AFBDC61D-23A6-4682-AE19-B7A973372CA7 date Mon, 23 Aug 2021 18:26:59 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D138f7b85-7e8b-4738-81d3-df4c74ca799f%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=appnexus&uid=5821560265530307012	0 115 B	94ms 94ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=appnexus&uid=5821560265530307012 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:00 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 3 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:00 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 0fbcda8c-1646-494a-8593-7df850af65b3 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=appnexus&uid=5821560265530307012 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	/ onetag-sys.com/usync/	0 52 B	26ms 23ms	Image text/plain	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/usync/?tag=img Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform
GET H2	204	verizon_video prebid.a-mo.net/setuid/ Redirect Chain https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=138f7b85-7e8b-4738-81d3-df4c74ca799f https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=138f7b85-7e8b-4738-81d3-df4c74ca799f&verify=true https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=138f7b85-7e8b-4738-81d3-df4c74ca799f&apid=UPb4eeeb44-043f-11ec-9961-06778dd1898e https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=138f7b85-7e8b-4738-81d3-df4c74ca799f&apid=UPb4eeeb44-043f-11ec-9961-06778dd1898e&verify=true https://prebid.a-mo.net/setuid/verizon_video?uid=UPb4eeeb44-043f-11ec-9961-06778dd1898e&gdpr=0&gdpr_consent=	0 124 B	107ms 107ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid/verizon_video?uid=UPb4eeeb44-043f-11ec-9961-06778dd1898e&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:00 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 2 server envoy vary Accept-Encoding Redirect headers Date Mon, 23 Aug 2021 18:27:00 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://prebid.a-mo.net/setuid/verizon_video?uid=UPb4eeeb44-043f-11ec-9961-06778dd1898e&gdpr=0&gdpr_consent= Connection keep-alive Content-Length 0
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dindex_rtb%26uid%3D https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=index_rtb&uid=YSPodGMdlkMzfq8mfXktEwAA%261114	0 141 B	94ms 94ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=index_rtb&uid=YSPodGMdlkMzfq8mfXktEwAA%261114 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:26:59 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 3 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:00 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=index_rtb&uid=YSPodGMdlkMzfq8mfXktEwAA%261114 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 321 Expires Mon, 23 Aug 2021 18:27:00 GMT
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D138f7b85-7e8b-4738-81d3-df4c74ca799f%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=sovrn&uid=3171cee3cac5f282ada41c8f	0 118 B	136ms 136ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=sovrn&uid=3171cee3cac5f282ada41c8f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:00 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 2 server envoy vary Accept-Encoding Redirect headers Date Mon, 23 Aug 2021 18:27:00 GMT Server nginx Location https://prebid.a-mo.net/setuid?A=138f7b85-7e8b-4738-81d3-df4c74ca799f&D=&bidder=sovrn&uid=3171cee3cac5f282ada41c8f Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 2E68	0 731 B	19ms 19ms	Script text/html	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:00 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid def3e025-8fe8-4a0b-a591-35c8b6f63f42 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	143ms 48ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=396447626&page-url=https%3A%2F%2Fask.fm%2Flistrain07241&rn=327356515&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629743221%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210823202700%3Au%3A1629743216944034492%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629743221 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 23 Aug 2021 18:27:00 GMT last-modified Mon, 23-Aug-2021 18:27:00 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 23-Aug-2021 18:27:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 5E51 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5821560265530307012	43 B 335 B	140ms 140ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5821560265530307012 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FK9ka6cC2LmKhihGDoNhOJ900klIU6sb92wnDM1ojPxUb6Qan4r8cwtqFGYRTAvEAjDB%2FtRqxHj%2BcMID8plKWQ0sIvKNnOvOPInpm270rezgmj7tUT6fVCJA4nDOpHgVR2LsCgn1OXsotQu6wfjkkQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6836647a1908c2e5-FRA content-length 43 Redirect headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:00 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 39ef33bd-0b75-4e59-a5d1-873c5c350587 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5821560265530307012 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame 5E51	0 474 B	166ms 19ms	Image text/plain	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:00 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200	1.gif id5-sync.com/c/495/0/0/ Frame 5E51 Redirect Chain https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=	43 B 1 KB	52ms 51ms	Image image/gif	51.195.5.40 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent= Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.195.5.40 , France, ASN16276 (OVH, FR), Reverse DNS p17.id5-sync.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 23 Aug 2021 18:26:59 GMT Transfer-Encoding chunked Content-Type image/gif;charset=UTF-8 Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR" Redirect headers Location https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent= Date Mon, 23 Aug 2021 18:26:59 GMT Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR"
GET H2	200	setuid sync.quantumdex.io/ Frame 5E51 Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true https://sync.quantumdex.io/setuid?bidder=sovrn&uid=12907025312ecaadc24dacec	43 B 328 B	135ms 134ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sovrn&uid=12907025312ecaadc24dacec Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4bAuwbdJMYk%2FkRc2AjX8ZS7kd0NdIY6tVNEwh4wau6S%2FlP1Nzf%2BwE4l3QQw60mnRZJs8a9hgjzKQn4hUd%2FA6xiWpQ6Xvu0vWCE9MgGJretZa8CdVjH7YLqa7NW1L0EhfGGlrBOztHU25BO77%2FqcoQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6836647f18fbc2e5-FRA content-length 43 Redirect headers Date Mon, 23 Aug 2021 18:27:01 GMT Server nginx Location https://sync.quantumdex.io/setuid?bidder=sovrn&uid=12907025312ecaadc24dacec Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 5E51 Redirect Chain https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bf33e829-197a-4448-9e1e-7d606fc4f659	43 B 330 B	130ms 130ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bf33e829-197a-4448-9e1e-7d606fc4f659 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRSRZcrDyp%2B7b3u4QgRkrKVntV68YHqSY0qNXxadjAHOeWJG2LwAPKz%2FvnjPobPe4YcLbvXH9PX3%2FdY%2FmXTt0BV2FSAZZOl8c1jhgALOQv2I3hGiscu3noQTRRDcV%2FxmcJxZwRO8RQAhD56Xn%2BWA3A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6836647c2c60c2e5-FRA content-length 43 Redirect headers location https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=bf33e829-197a-4448-9e1e-7d606fc4f659 date Mon, 23 Aug 2021 18:27:01 GMT content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 5E51 Redirect Chain https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb4eeeb44-043f-11ec-9961-06778dd1898e https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb4eeeb44-043f-11ec-9961-06778dd1898e&verify=true https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb4eeeb44-043f-11ec-9961-06778dd1898e	43 B 322 B	129ms 128ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb4eeeb44-043f-11ec-9961-06778dd1898e Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXBI7%2FSLt0E40v1pa40cPDaN887GTSYTR7yoNNx9HrQAsRjIdGs92k06Tozaog02fK5elI3giMUAgAlsyOhU2222Iv%2Btk1UiR85ysxfwXiZMJHfISQf9TQjEE2fjlq4OpgkcYMs0hJFkOgm%2FMcIQdg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6836647b6b27c2e5-FRA content-length 43 Redirect headers Date Mon, 23 Aug 2021 18:27:01 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPb4eeeb44-043f-11ec-9961-06778dd1898e Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 5E51 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5821560265530307012	43 B 480 B	206ms 205ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5821560265530307012 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MlqoP3sM%2BtCWUpXvNcl9o27LQ9sKYwms%2Bx9Eyp3xOtthIWU2sp3zKNHT7NGcaW335oyNhiJSVniMjzL%2FT1S%2FGJTiewZlNpL8QQkKwvi3zFyj6q0kmUqMkW6d2gi8bG4wxBN1pZQPUy%2BbRg0bf7HOw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6836647b9b8ec2e5-FRA content-length 43 Redirect headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:00 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid caf4c0b9-53a0-4df7-b37c-21370b07cdbf Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5821560265530307012 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 5E51 Redirect Chain https://ms.quantumdex.io/user/sync/quantumdex https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=7d6a861a-7dc3-4384-a888-41bf43e06c64	43 B 325 B	133ms 132ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=7d6a861a-7dc3-4384-a888-41bf43e06c64 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BuT3b0%2Br9HBJgXRu7SbmT24ogFMtvcroYiTZqpIf01idrzISTdo0jt%2B6R0sE5OjwpiMs2jOQyX7KQZxQiX8uJejUcvUTMvSsU4IVbqMAFO25hmZIf1RJppJllHqtcigjcNqJXLznHfxQZwZKvaNgQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6836647a99c8c2e5-FRA content-length 43 Redirect headers date Mon, 23 Aug 2021 18:27:00 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olKDQjXy7u4a2P3ExLgPf%2B0KKF5h6VIEZyO3fewbKMO6RDsi9YuEDT7o%2FMTkCjdvLhQghO2kW0RrqBnd1PeRZ6YGl3GffDqknL718utPqKIpwlX1cjA2vBMN%2F1T%2FbghRNIAIePbH6yJPvIJYk3I%3D"}],"group":"cf-nel","max_age":604800} location https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=7d6a861a-7dc3-4384-a888-41bf43e06c64 cf-ray 6836647a08f0c2e5-FRA content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 5E51 Redirect Chain https://ups.analytics.yahoo.com/ups/58424/occ https://ups.analytics.yahoo.com/ups/58424/occ?verify=true https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YUQQfKRE2uF9gRwGCTaHRgtMZ37aH7o1VblG3Tg-~A	43 B 319 B	128ms 128ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YUQQfKRE2uF9gRwGCTaHRgtMZ37aH7o1VblG3Tg-~A Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TJ9B7iIrqpHQZwRiC7CSoQVdNcWb5iNzl0mnjT5dHaBiA0c7Thi2eiOfQid4olPfIXpqtSIdlbKUuhr2gGYl6NB2LxG73Df9GsngT0Zo1Cv5LtmAOTnDEwa3Vou2v38SK9TELLXrLGMU5J3pS6zew%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6836647b9b7dc2e5-FRA content-length 43 Redirect headers Date Mon, 23 Aug 2021 18:27:01 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YUQQfKRE2uF9gRwGCTaHRgtMZ37aH7o1VblG3Tg-~A Connection keep-alive Content-Length 0
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame 17BE	2 KB 3 KB	99ms 39ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 66f0780a5faa2e6b4a6cf070c18db84c28d7a9cceb5aac62d46391d1d08933a4 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YSPodGMdlkMzfq8mfXktEwAA; CMPS=1132 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Server Apache Content-Type text/html Dropped-Udsids 241|45|39|230|90|191|88|4 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1821 Expires Mon, 23 Aug 2021 18:27:00 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Mon, 23 Aug 2021 18:27:00 GMT Connection keep-alive Set-Cookie CMID=YSPodGMdlkMzfq8mfXktEwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 18:27:00 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 18:27:00 GMT CMPRO=1114;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 18:27:00 GMT CMRUM3=046123e87405a0&5a6123e87405a0&f16123e87405a0&276123e8740b40&586123e87405a0&bf6123e87405a0&2d6123e87405a0&e66123e8742760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 18:27:00 GMT CMST=YSPodGEj6HQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 18:27:00 GMT
GET H/1.1	200 OK	Cookie set uc.html Show response sync.go.sonobi.com/ Frame 2BF9	43 B 555 B	144ms 20ms	Document text/html	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25 Security Headers Name Value X-Xss-Protection 0 Request headers Host sync.go.sonobi.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Date Mon, 23 Aug 2021 18:27:00 GMT Content-Type text/html Transfer-Encoding chunked Expires Sat, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, no-store, private P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Pragma no-cache Tcn Choice Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 X-Xss-Protection 0 Content-Encoding gzip Server sonobi-go Set-Cookie HAPLB5S=s57129|YSPod; path=/; domain=.go.sonobi.com
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 7269	14 KB 5 KB	1061ms 1000ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US cookie KTPCACOOKIE=true; KADUSERCOOKIE=AFBDC61D-23A6-4682-AE19-B7A973372CA7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=116076 expires Wed, 25 Aug 2021 02:41:36 GMT date Mon, 23 Aug 2021 18:27:00 GMT vary Accept-Encoding
GET H2	200	/ Show response onetag-sys.com/usync/ Frame EB09	2 KB 823 B	83ms 83ms	Document text/html	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2bb78272a859ca6 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame D8A9	2 KB 3 KB	98ms 40ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7beddd41bd8ffeccc89d99d917f15c8fe4525af43c7e37716e939eba92217614 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://js-sec.indexww.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YSPodGMdlkMzfq8mfXktEwAA; CMPS=1132 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js-sec.indexww.com/ Response headers Server Apache Content-Type text/html Dropped-Udsids 45|241|230|39|10|152|64|3 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1713 Expires Mon, 23 Aug 2021 18:27:00 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Mon, 23 Aug 2021 18:27:00 GMT Connection keep-alive Set-Cookie CMID=YSPodGMdlkMzfq8mfXktEwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 18:27:00 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 18:27:00 GMT CMPRO=1114;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 18:27:00 GMT CMRUM3=2d6123e87405a0&e66123e8742760&0a6123e87427600&276123e8740b40&f16123e87405a0&986123e87405a00&406123e87405a0&036123e87405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 18:27:00 GMT CMST=YSPodGEj6HQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 18:27:00 GMT
GET H/1.1	410 Gone	Cookie set listrain07241 Show response ask.fm/	11 KB 12 KB	188ms 187ms	XHR text/html	193.138.77.142 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/listrain07241 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.142 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash bb148fb83c14e7ba5aaf62a20c68bc5d27d96715fdf94d1376f7608a3a69693a Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/listrain07241 Cookie locale=en; uuid=d2491c11-61ea-44a3-92ab-8df5afbbfbb2; country=BE; _m_ask_fm_session=UHZxWWxTU09UNVNOMjAySXB1eTFicjRldXJxRldpK3dOdDhIRmw0QmQ3R2hyeEoyM3ozbEhrby96QWNqY01ZdmxkRDBrWHJteFgrNlQ3NkM3U3lqSFBvZXBlZ1haekU1Y0psSGo5ZEFIWTZLK1E5UzVMZTVrN1IwSU1hTm1vUENnQUFzOTJvT2Q4QmJDeHZCcFJSeHp4Ni9EY0xlQzZoU2E3TzhtSnpQZCtLQ05DL2xoR1NhQi9KcTBHSXR0MnJ5d3hNYXJuSFc4Y1hvOExnOTg2ZUhUejg5T2I1b2tPOHRvTWlxVlNOTmpaMkpOem1uZFlpTFZLalVjUUJkaDBpeC0tZTFtM01oN3c2TEdTT29OU3FURVhjdz09--3f3900af89dbbe4e6bdb10646de6470e8ed7dd7d Connection keep-alive Referer https://ask.fm/listrain07241 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 23 Aug 2021 18:27:00 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Content-Type text/html; charset=utf-8 Status 410 Gone Cache-Control no-cache Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Wed, 24 Aug 2022 00:27:00 -0000 _m_ask_fm_session=ekNOV0U3ZWNJL2c5Q1RYektaREdRSnJNb1pJOFp3RXJSalB4SGVFOEdkK1FrVGlESnVwRmh6TWFJaiswQ0xBSDNsbTE4R3pqdHowTGhlMGFJamhiZk03d1M2UVpaUDRtaG9kMVloWkI4ZVMycitILzdEa01MNk5lVXRRR25adGVxMFRoeGR6T0xDbU5UakxpVHkwWkpYRW83MmlEN0ZnMUlkZjhhQ2lPcGkvY2FaYldocmIxaHFCV1Rzb0JYYUtNQTJYQmxCR0dCOThWeWdZektYY3BSRzQwYXpPTWIrVUJjNFBUODdWR1hFdmRUaVdBTDFnNkFKcjhlMnMycXJ3dS0tTUdzMUtTTjBuTHpiQzZuaXdUZUUzdz09--739ac0e27d7d57002db55d99af06e1906cd7fd96; path=/; expires=Thu, 26 Aug 2021 18:27:00 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	45ms 45ms	Image image/gif	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1629743220400.874&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Flistrain07241&t=758&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.45040477994603223 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Mon, 23 Aug 2021 18:27:00 GMT srvf 95.217.114.174 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 17BE Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&dcc=t	43 B 645 B	429ms 324ms	Image image/gif	52.46.154.242 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid SXF9TN7AHX30M9AG5T1P Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid TS4EW7ZHYPEHB7DEXKDW Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 17BE Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSPodGMdlkMzfq8mfXktEwAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL7_tS0KYDZCZGAljog-1Aw&google_cver=1&gdpr=1	43 B 999 B	42ms 41ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL7_tS0KYDZCZGAljog-1Aw&google_cver=1&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 23 Aug 2021 18:27:01 GMT Redirect headers pragma no-cache date Mon, 23 Aug 2021 18:27:01 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL7_tS0KYDZCZGAljog-1Aw&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 17BE	70 B 264 B	217ms 133ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YSPodGMdlkMzfq8mfXktEwAA&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 23 Aug 2021 18:27:01 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame 17BE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1 https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP-BtiriEGlddhMBH9qebyo&google_cver=1	43 B 315 B	471ms 470ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP-BtiriEGlddhMBH9qebyo&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Mon, 23 Aug 2021 18:27:01 GMT Redirect headers pragma no-cache date Mon, 23 Aug 2021 18:27:01 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP-BtiriEGlddhMBH9qebyo&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	no_match_opted_out um.simpli.fi/ Frame 17BE Redirect Chain https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 https://um.simpli.fi/no_match_opted_out	0 272 B	28ms 28ms	Image text/plain	169.50.137.190 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/no_match_opted_out Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 169.50.137.190 , United States, ASN36351 (SOFTLAYER, US), Reverse DNS be.89.32a9.ip4.static.sl-reverse.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Mon, 23 Aug 2021 18:27:01 GMT x-content-type-options nosniff access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS Redirect headers date Mon, 23 Aug 2021 18:27:00 GMT x-content-type-options nosniff server nginx location /no_match_opted_out strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 154 expires Sun, 22 Aug 2021 18:27:00 GMT
GET H2	200	index dmp.brand-display.com/cm/api/ Frame 17BE	43 B 253 B	3763ms 3255ms	Image image/gif	35.241.40.233 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 233.40.241.35.bc.googleusercontent.com Software nginx/1.20.1 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 23 Aug 2021 18:27:04 GMT via 1.1 google last-modified Mon, 23 Aug 2021 18:27:04 GMT server nginx/1.20.1 content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 alt-svc clear content-length 43 expires Mon, 23 Aug 2021 18:27:05 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 17BE Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YSPodQADwC6Y1wBg https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSPodQADwC6Y1wBg&gdpr=1&_test=YSPodQADwC6Y1wBg	43 B 988 B	726ms 725ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSPodQADwC6Y1wBg&gdpr=1&_test=YSPodQADwC6Y1wBg Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:02 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 23 Aug 2021 18:27:02 GMT Redirect headers pragma no-cache date Mon, 23 Aug 2021 18:27:01 GMT via 1.1 varnish server Varnish x-timer S1629743221.275923,VS0,VE0 x-served-by cache-fra19162-FRA x-cache HIT location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSPodQADwC6Y1wBg&gdpr=1&_test=YSPodQADwC6Y1wBg cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 17BE Redirect Chain https://ad.turn.com/r/cs?pid=21&gdpr=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7182825396338177316	43 B 1 KB	93ms 35ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7182825396338177316 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 23 Aug 2021 18:27:01 GMT Redirect headers location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7182825396338177316 pragma no-cache date Mon, 23 Aug 2021 18:27:00 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	setuid sync.quantumdex.io/ Frame 17BE	43 B 355 B	133ms 132ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=ix&uid=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:01 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2F%2FayI%2BdY0N6%2BFY87I5AIY36qzQXs0cKXqfJjQ1D3YYf33kWSJ2dj5OqseQyutr3lr4xUrEds%2B%2FlLfHTIPEmGIuRjA37Q52ezBBdHe8nHlUnrWuE89ZLfyAF%2FSiJLBxRzVTYsqYTdtnDSzWAQIRKxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6836647a99bfc2e5-FRA content-length 43
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame D8A9 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSPodGMdlkMzfq8mfXktEwAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG7zxbIl17AlcUnRIGQBWic&google_cver=1&gdpr=1	43 B 999 B	487ms 487ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG7zxbIl17AlcUnRIGQBWic&google_cver=1&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 23 Aug 2021 18:27:01 GMT Redirect headers pragma no-cache date Mon, 23 Aug 2021 18:27:01 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG7zxbIl17AlcUnRIGQBWic&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame D8A9 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&dcc=t	43 B 645 B	431ms 105ms	Image image/gif	52.46.154.242 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 950QBV85TW7QMD7QFYC9 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid GY248SN45XCD9P4SDVHY Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame D8A9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1 https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSPodGMdlkMzfq8mfXktEwAABFoAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOqWDiI_K03rmadrv6-ZHKY&google_cver=1	43 B 315 B	36ms 35ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOqWDiI_K03rmadrv6-ZHKY&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Mon, 23 Aug 2021 18:27:01 GMT Redirect headers pragma no-cache date Mon, 23 Aug 2021 18:27:01 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOqWDiI_K03rmadrv6-ZHKY&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame D8A9	70 B 265 B	202ms 132ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YSPodGMdlkMzfq8mfXktEwAA&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 23 Aug 2021 18:27:01 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame D8A9 Redirect Chain https://ums.acuityplatform.com/tum?umid=8 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=601917756376	43 B 1 KB	45ms 45ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=601917756376 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:02 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 23 Aug 2021 18:27:02 GMT Redirect headers access-control-allow-origin * content-length 0 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=601917756376
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame D8A9 Redirect Chain https://sync.extend.tv/r.gif?exchange=index https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=57c68094-c1df-4498-81fa-eeb7d82a1fc8	43 B 1 KB	270ms 269ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=57c68094-c1df-4498-81fa-eeb7d82a1fc8 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:02 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 23 Aug 2021 18:27:02 GMT Redirect headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Access-Control-Allow-Origin * Content-Type text/html; charset=utf-8 Location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=57c68094-c1df-4498-81fa-eeb7d82a1fc8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Length 132 Expires Tue, 29 May 1984 15:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D8A9 Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632335220	43 B 1 KB	55ms 41ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632335220 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 23 Aug 2021 18:27:01 GMT Redirect headers pragma no-cache date Mon, 23 Aug 2021 18:27:00 GMT server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632335220 cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame D8A9 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=918b6123-e875-4900-9de5-5e06123f8144&gdpr=1&gdpr_consent=	43 B 1 KB	38ms 38ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=918b6123-e875-4900-9de5-5e06123f8144&gdpr=1&gdpr_consent= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:02 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 23 Aug 2021 18:27:02 GMT Redirect headers Date Mon, 23 Aug 2021 18:29:45 GMT Server MT3 3853 9552a83 master cdg-pixel-x24 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=918b6123-e875-4900-9de5-5e06123f8144&gdpr=1&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Mon, 23 Aug 2021 18:29:44 GMT
GET H/1.1	200 OK	htw-pixel.gif js-sec.indexww.com/ht/ Frame D8A9	43 B 425 B	30ms 29ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://js-sec.indexww.com/ht/htw-pixel.gif?YSPodGMdlkMzfq8mfXktEwAA%261114 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 23 Aug 2021 18:27:00 GMT Last-Modified Tue, 24 Jan 2017 19:36:04 GMT Server Apache ETag "902a3d-2b-546dc3a097100" P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=3549 Connection keep-alive Accept-Ranges bytes Content-Type image/gif Content-Length 43 Expires Mon, 23 Aug 2021 19:26:09 GMT
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	47ms 46ms	Image image/gif	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629743220400.874&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Flistrain07241&t=948&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.1699691822295064 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Mon, 23 Aug 2021 18:27:01 GMT srvf 95.217.114.174 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	281ms 280ms	Image image/gif	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1629743220400.874&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Flistrain07241&t=948&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.18386834481396908 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Mon, 23 Aug 2021 18:27:01 GMT srvf 95.217.114.174 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 2E68	0 731 B	18ms 17ms	Script text/html	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:01 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 56a411b5-9333-47a4-b66b-2c3029636dac Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 0FF1	0 731 B	48ms 48ms	Script text/html	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:02 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid a3d3c182-4b19-4fe4-9cb8-5d4a9a0bf4b5 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 7269	0 42 B	336ms 46ms	Script text/plain	185.64.189.115 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12832329&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 18:27:02 GMT content-length 0
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	51ms 51ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=396447626&page-url=https%3A%2F%2Fask.fm%2Flistrain07241&rn=517572544&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629743223%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210823202702%3Au%3A1629743216944034492%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629743223 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 23 Aug 2021 18:27:02 GMT last-modified Mon, 23-Aug-2021 18:27:02 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 23-Aug-2021 18:27:02 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 0FF1	0 731 B	21ms 21ms	Script text/html	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 23 Aug 2021 18:27:03 GMT X-Proxy-Origin 82.102.19.136; 82.102.19.136; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid afcfeb1e-f6fb-4c4a-9b5e-33d889850143 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT