ask.fm Open in urlscan Pro
193.138.77.141  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9374.2ytUBo_3S4GtaGhwlXug1jciwiHCpTOhuy8v_3jtPWonz18TCiwHQXhqtl1IyaMA.hKsamFQ98rib0kBzLHsoiX1NO1c%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9374.DHmy4-SgRimgCaE13OVAsQpY53lppo6UEdSTPqDkBVWBaclBuHOLZO9SDNkj0JdIcN3jFroiHXAFrNOolxPplg%2C%2C.wpfmpC8O072AgIKAtKgzKElPt6Q%2C

Request Chain 33

• https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcloudyarch601&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A1475694268030%3Ahid%3A538969228%3Az%3A120%3Ai%3A20210824040620%3Aet%3A1629770781%3Ac%3A1%3Arn%3A906327391%3Au%3A1629770781782379249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629770779687%3Ads%3A1%2C403%2C186%2C4%2C0%2C0%2C%2C68%2C5%2C%2C%2C%2C663%3Adsn%3A1%2C403%2C187%2C4%2C%2C0%2C%2C66%2C6%2C%2C%2C%2C662%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629770781%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
• https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcloudyarch601&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A1475694268030%3Ahid%3A538969228%3Az%3A120%3Ai%3A20210824040620%3Aet%3A1629770781%3Ac%3A1%3Arn%3A906327391%3Au%3A1629770781782379249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629770779687%3Ads%3A1%2C403%2C186%2C4%2C0%2C0%2C%2C68%2C5%2C%2C%2C%2C663%3Adsn%3A1%2C403%2C187%2C4%2C%2C0%2C%2C66%2C6%2C%2C%2C%2C662%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629770781%3At%3AAccount%20Suspended%20-%20Ask.fm

Request Chain 44

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=lbQ4yHxmakUvT1cxZEFDSWd6aDg2SjVqU1I2YlNWRWhpNFB6QjFkd25OTEhvZEpOL0x2UlJRZ0FRVCtWRXVsYTRhS1MxbHpKcDRwZXNtS2owSGQwaEZXWXAxcjYrL1hsNDZ0S21ick1qMHdRcnVRSWF6aWtlSUFLeGxMdUVHTVBkcXViMFdkQllIbHFldnRpMXRoY21EUXdZRmJHUTJmaTFJLy90NGxqbElGVk9kdG9ISDFzd2tKdmU5eHVPWlQwWEl1ZmFUSVBNYmxUMDVLeGd2ZXlndW5VSmVPVUNHUkNDTURMYlhwaWZ2OUwxL1NRPXw&cppv=2

Request Chain 71

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=sovrn&uid=41baaf0d99f4e714bc46a8b0

Request Chain 72

• https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
• https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=appnexus&uid=2795173456352819425

Request Chain 73

• https://onetag-sys.com/usync/?tag=img HTTP 302
• https://x.bidswitch.net/sync?ssp=onetag HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=429&user_id=66c31d32-a1d2-52ec-9fc5-f5ccfee1a1ec&ssp=onetag&expires=30&user_group=1 HTTP 302
• https://onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy=

Request Chain 74

• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=e8e325bf-ae90-408b-95ad-82a9d4c25a64 HTTP 302
• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=e8e325bf-ae90-408b-95ad-82a9d4c25a64&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=e8e325bf-ae90-408b-95ad-82a9d4c25a64&apid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52 HTTP 302
• https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=e8e325bf-ae90-408b-95ad-82a9d4c25a64&apid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52&verify=true HTTP 302
• https://prebid.a-mo.net/setuid/verizon_video?uid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52&gdpr=0&gdpr_consent=

Request Chain 75

• https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=pubmatic&uid=6D90804E-712C-4AA8-978F-FFB4077AB7EA

Request Chain 76

• https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
• https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
• https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=index_rtb&uid=YSRUIBXdlXrZnsMzm5SFyQAA%26222

Request Chain 79

• https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
• https://onetag-sys.com/sync/i,1/845a6124-5420-4800-af39-f7667b502737

Request Chain 81

• https://dmp.adform.net/serving/cookie/match?party=1167&cid=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk HTTP 302
• https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk HTTP 302
• https://onetag-sys.com/sync/i,34/3458510128347476915

Request Chain 82

• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= HTTP 302
• https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESENtAAhUFWClErI26GxtYgqg&google_cver=1

Request Chain 85

• https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
• https://onetag-sys.com/match/?int_id=92&uid=y-EkjveWlE2uGp92l470hEwLvVEEytAjkNpbFq_zE-~A

Request Chain 86

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
• https://onetag-sys.com/sync/i,29/?tdid=7f6eb142-f202-406a-be87-d2318142cb42&ttl=1632362784

Request Chain 87

• https://x.bidswitch.net/sync?ssp=onetag HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
• https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
• https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
• https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=bfc71f06-f93e-47cd-9c10-48da0ebde212&ssp=onetag&user_group=1 HTTP 302
• https://onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy=

Request Chain 88

• https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
• https://onetag-sys.com/sync/i,1/34636124-5420-4400-9074-6af149fbec83

Request Chain 90

• https://dmp.adform.net/serving/cookie/match?party=1167&cid=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk HTTP 302
• https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk HTTP 302
• https://onetag-sys.com/sync/i,34/3392884567442272686

Request Chain 91

• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= HTTP 302
• https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEDfPOcurns4s7NqSbdcL8PQ&google_cver=1

Request Chain 94

• https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
• https://onetag-sys.com/match/?int_id=92&uid=y-Q8RTUDxE2uHyDEzDOGDughUQs.fvSLZARZVGb.E-~A

Request Chain 95

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
• https://onetag-sys.com/sync/i,29/?tdid=d6074ec5-2c2d-45a5-8554-25075d0d996f&ttl=1632362784

Request Chain 96

• https://x.bidswitch.net/sync?ssp=onetag HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
• https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=&gdpr_consent= HTTP 302
• https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=YvCgMGH1oDZ58_dnZ_S_MWP3o2d5-PRhYfe_ev_5

Request Chain 97

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://sync.quantumdex.io/setuid?bidder=sovrn&uid=34c9e090ab9e4c64284ce955

Request Chain 98

• https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8a1bc7c4-219f-49cb-a68c-fa867b7d678b

Request Chain 99

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2795173456352819425

Request Chain 101

• https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
• https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6ecc58ef-661b-4756-b4fb-4bae97b95efc

Request Chain 102

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2795173456352819425

Request Chain 103

• https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-lBRdl.xE2uHgU3eLeRL6jFilOEm6k4GiRoMXnDc-~A

Request Chain 104

• https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52 HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52&verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52

Request Chain 105

• https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
• https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 106

• https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 110

• https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 113

• https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
• https://onetag-sys.com/sync/i,1/45da6124-5420-4c00-a35b-9027e73fdd88

Request Chain 115

• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= HTTP 302
• https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEHy6xTxykJjL6vHqndFrqkM&google_cver=1

Request Chain 116

• https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
• https://onetag-sys.com/match/?int_id=92&uid=y-VJlfLBpE2uFzl4.m3QQzNbkQN2.SwwCZoEcMXck-~A

Request Chain 117

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
• https://onetag-sys.com/sync/i,29/?tdid=d6074ec5-2c2d-45a5-8554-25075d0d996f&ttl=1632362784

Request Chain 118

• https://x.bidswitch.net/sync?ssp=onetag HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=429&user_id=66c31d32-a1d2-52ec-9fc5-f5ccfee1a1ec&ssp=onetag&expires=30&user_group=1 HTTP 302
• https://onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy=

Request Chain 119

• https://dmp.adform.net/serving/cookie/match?party=1167&cid=EzP9y05RjPIkPXlyr4QoARRtFOoS18jFGedX4O3vqXU HTTP 302
• https://onetag-sys.com/sync/i,34/8808293369395702241

Request Chain 127

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SFzQAAAN4AAAAB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SFzQAAAN4AAAAB&dcc=t

Request Chain 128

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSRUIBXdlXrZnsMzm5SFzQAAAN4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFuBPcUXfRVrLuk3QoYuFwk&google_cver=1

Request Chain 129

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSRUIBXdlXrZnsMzm5SFzQAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRZLwOSP6IJWtNDqAdl8FA&google_cver=1&gdpr=1

Request Chain 131

• https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
• https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 133

• https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-54a9040b-c96b-4440-9ff6-7288be0a95eb

Request Chain 135

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSRUIBXdlXrZnsMzm5SF0AAAAN4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFuBPcUXfRVrLuk3QoYuFwk&google_cver=1

Request Chain 136

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSRUIBXdlXrZnsMzm5SF0AAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRZLwOSP6IJWtNDqAdl8FA&google_cver=1&gdpr=1

Request Chain 137

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SF0AAAAN4AAAAB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SF0AAAAN4AAAAB&dcc=t

Request Chain 139

• https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
• https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABS_k7CSKgAACTALuSksg&expiration=1630980388&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABS_k7CSKgAACTALuSksg&expiration=1630980388&gdpr=1&C=1

Request Chain 141

• https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2c422ca0-d9f5-40c6-ba31-a167fcd43653

Request Chain 142

• https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a022040095a4e1940600c4&expiration=[EXPIRATION]&gdpr=1

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	410 Gone	Primary Request Cookie set cloudyarch601 Show response ask.fm/	11 KB 12 KB	591ms 187ms	Document text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/cloudyarch601 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 877062d97e15f0e6b437461d4129996faceb651267208311e843a1adf406b030 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host ask.fm Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Status 410 Gone Cache-Control no-cache X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Date Tue, 24 Aug 2021 02:06:20 GMT Set-Cookie locale=en; path=/; expires=Wed, 24 Aug 2022 08:06:20 -0000 uuid=8a29f83a-46b5-43bf-86fb-cca32967642d; path=/; expires=Wed, 24 Aug 2022 08:06:20 -0000; secure; HttpOnly country=SE; path=/; expires=Wed, 24 Aug 2022 08:06:20 -0000 _m_ask_fm_session=dlJ5Y2VGSjVvS0p4eWZjUW9oTHRhQTZiS0tEeStNdUREanFBS2ZhUUEwMzNIWHk3RzY1MUk4TkNkV2ZiS1hlSEc3dEJWbjVDVWJYMVljYmtrOCtocnFtMEFyT0RVZU04VmVDd0VZZDNFOGRPdXBkc2ZiT05IK203N01GaHlvV0NRa0xMVUhtR2l0SHozek1CaG5KNStoTW1yL0pDSmJ4R3gxNE1taFVOMWFLd3l2ZkpjRjA5bFFKaWxmejg1THI0Zndpazd3SEdIV29KK0tHbjhielhMd1ROTlRaYlVpMUJJc0dkdHRkQVBhWFZpVjlyOGZpYmhKZW44Q2pyWWl0Zy0tbENyZktxbVpXS3o1OG8wNGVoTitGUT09--fbc3bcc47d68f01e2bec224c5a121653bff4bdb6; path=/; expires=Fri, 27 Aug 2021 02:06:20 -0000; secure; HttpOnly Server Ask.FM Web Service Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000
GET H2	200	application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css d3r6ceqp4shltl.cloudfront.net/assets/	184 KB 39 KB	32ms 7ms	Stylesheet text/css	2600:9000:21f3:3c00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:3c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 6bf4d1a5ab84231d4d77a7aa49811be50601ad46f93002a7dfc4b29403980787 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:23:34 GMT content-encoding gzip age 481366 x-cache Hit from cloudfront access-control-max-age 3000 content-length 39692 access-control-allow-origin https://ask.fm last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-9b0c" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type text/css via 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 x-amz-cf-id l72e760WzZ-9MFqmuwhwQEQGgdmVm9wYEl9jKC-OxFdgEbCF5cWiBA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Show response d3r6ceqp4shltl.cloudfront.net/assets/	217 KB 68 KB	38ms 13ms	Script application/javascript	2600:9000:21f3:3c00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:3c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:06:37 GMT content-encoding gzip age 482383 x-cache Hit from cloudfront access-control-max-age 3000 content-length 69074 access-control-allow-origin https://ask.fm last-modified Wed, 18 Aug 2021 07:22:53 GMT server Ask.FM Web Service etag "611cb54d-10dd2" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type application/javascript via 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 x-amz-cf-id UlP35wP90h2aF_G7ZYwDnpi1ndHYsPHmyEI7svyUnd4rUUI3iJgwyQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	account-suspended.gif d3r6ceqp4shltl.cloudfront.net/images/errors/	380 KB 381 KB	10ms 9ms	Image image/gif	2600:9000:21f3:3c00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:3c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 15:38:28 GMT via 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront) age 469672 x-cache Hit from cloudfront content-length 388641 last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-5ee21" strict-transport-security max-age=63072000 content-type image/gif cache-control max-age=315360000, public content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id FOQbkICWCaps5Pqd4QorhJKpa6dUrshtdsh2q59h_0QDHyvt2CG27Q== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	224 KB 72 KB	132ms 44ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash ff1343d1a8da5acf42773c36549ced52929ee8cb0e95eaa11acc91a3c8c76914 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:20 GMT content-encoding br last-modified Mon, 23 Aug 2021 15:54:40 GMT etag "6123bebf-11d30" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 73008 expires Tue, 24 Aug 2021 03:06:20 GMT
GET H2	200	53494.jpg d16vsmxl4d5tw1.cloudfront.net/a54/74db1/9f9a/47f7/a769/63ebbf3af3e2/thumb/	1 KB 2 KB	47ms 11ms	Image image/jpeg	2600:9000:21f3:9e00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/a54/74db1/9f9a/47f7/a769/63ebbf3af3e2/thumb/53494.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9e00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8a5127cb431073ae0c200d74207cc9e281ca148e0963d2801275023224dd38e2 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 23:09:30 GMT via 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront) last-modified Fri, 17 Aug 2018 14:36:00 GMT server AmazonS3 age 10611 etag "6f5721399a0d411d1cba15e0ff26f5d1" x-cache Hit from cloudfront x-amz-version-id RtAooJAPOy0kGbuDh9nibHQP_XOo8Ytc x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type image/jpeg content-length 1440 x-amz-cf-id xCnQ0_KKP4_SqHvqH-q_NzS5rot88LTzpJGNM3uSPjhKOjfBWucIig==
GET H2	200	1177125.jpg dbq8hrmshvuto.cloudfront.net/e39/d85fd/3eb5/4151/beac/5bad6bccf7a7/normal/	46 KB 47 KB	62ms 27ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/e39/d85fd/3eb5/4151/beac/5bad6bccf7a7/normal/1177125.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b3ca2571adea8f13389605784c829e43f72b4d53f3385cdadf3c6b3faef182cb Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 0p99kSlzmuihlszK29wO_bUb_begcD3q via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Tue, 21 Feb 2017 22:07:15 GMT server AmazonS3 age 10663 etag "2f6213a09aed5fa246e4c801e716d0cc" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 23:08:38 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 47437 x-amz-cf-id 8tiqYqL1y8XMpWBgQIzOE0_aK24tZcZEB2fJuHm-6FVj5vgTD3u3tg==
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/062/042/465/536/normal/	106 KB 107 KB	51ms 17ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/062/042/465/536/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 09800a933755e324b362912ea3edb8895dd68dd792db411ece44ea32756f180a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 08 Aug 2021 18:50:56 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Mon, 10 Nov 2014 22:12:07 GMT server AmazonS3 age 1322125 etag "c74a707988a38898c71d3f7febf3afdd" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 108577 x-amz-cf-id FZkWKayxemwpg4S7TyBtjqLGQkGJRmqTVbfQSFeEC30guh5wnVLG7g== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/162/389/215/488/normal/	132 KB 133 KB	59ms 24ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/162/389/215/488/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash efc367f81cb1dfbc8985f353900e6dbc97c0ab9260ee36cce33ee9cf50e125a6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 02:04:33 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Sun, 26 Jun 2016 08:09:24 GMT server AmazonS3 age 432108 etag "c2e39ed72a52917ea8d7aedaca721095" x-cache Hit from cloudfront x-amz-version-id MStJ3Zr0hmDggnEVFQofqTt.i6U2Gzng x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 135404 x-amz-cf-id 57_-XAyBjb3uzYrBPuTrKkhW8ch7LWWTxlwN1EZji1d9NiwXaxEqPQ== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/151/412/674/816/normal/	63 KB 63 KB	51ms 16ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/151/412/674/816/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d529e8ba371c4a11e23b4d3f6a37bf05a89695b3fc78136b4bc68d7264a7bbea Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 08 Aug 2021 18:51:09 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Tue, 22 Mar 2016 19:45:50 GMT server AmazonS3 age 1322111 etag "08d095cffde7301f533a813b944f56ad" x-cache Hit from cloudfront x-amz-version-id lbQZDGQUKi53GRpOkjKaZxVHiQuhTwqh x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 64268 x-amz-cf-id bqJ9Ozg4blqcjuJF8Kc9lbnUC8OKLbw4OFl8MUHMhmP2kuBQahwrrA== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	1895438.jpg dbq8hrmshvuto.cloudfront.net/84a/c540d/64a9/4512/bcc4/584b0ed484c9/normal/	97 KB 97 KB	45ms 10ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/84a/c540d/64a9/4512/bcc4/584b0ed484c9/normal/1895438.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 711e9c9a3d4c8c3e6b9f8d0afc73492d58cef2a3554dbe27c5bac7bcb249ff2c Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id hRnzdwpFaioNRRktM9kpl5iKhB3ryRgp via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Tue, 18 Oct 2016 19:29:37 GMT server AmazonS3 age 11881 etag "aa4434bee7a39b6f26af3ee0bff7c71a" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 22:48:20 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 98847 x-amz-cf-id fJH3ExWWdmTljdYnUf8D9naAHuBBLkLAgbsuiNF8e9PzghWrfLZV9Q==
GET H2	200	IMG_20151231_184556.jpg dbq8hrmshvuto.cloudfront.net/assets2/141/729/120/000/normal/	40 KB 41 KB	65ms 31ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/141/729/120/000/normal/IMG_20151231_184556.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 35ac68e64e07e870f18b489a5a88a29aec7d1bcce8c3f6259740c3ade65b5471 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 08 Aug 2021 18:51:09 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Sun, 03 Jan 2016 00:12:53 GMT server AmazonS3 age 1322112 etag "faeea9be31bc38dd70785596f7e03d30" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 41173 x-amz-cf-id lAEBV9tBzTVJHq2Wpj2uTXKCLOX-kWB18uw8tO-DZmHy6ATSBiV49A== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	avatar.jpg dbq8hrmshvuto.cloudfront.net/assets2/127/223/107/840/normal/	55 KB 56 KB	34ms 33ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/127/223/107/840/normal/avatar.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bb2594fde8f7166728ae99fb984472d19148d6e3e80152642a204709d0172879 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 22 Aug 2021 19:26:02 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Thu, 01 Oct 2015 11:04:05 GMT server AmazonS3 age 110419 etag "d67d2830f8d8f42d86cfa558123d7c37" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 56714 x-amz-cf-id rdGxoc7AIUXdja818rflGz_E8SOCLlft_tvveUC25S_GAfCjmxlbGQ== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	snapchat_1099.jpg dbq8hrmshvuto.cloudfront.net/assets/143/052/568/normal/	29 KB 29 KB	33ms 32ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets/143/052/568/normal/snapchat_1099.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ff83e8522ba64891935ece743631d749d358d31e819378e0b5d6445eb0d56a53 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 20:05:43 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Mon, 08 Apr 2013 21:47:52 GMT server AmazonS3 age 367237 etag "362ff23820c09bf27ce12ef31256a36e" x-cache Hit from cloudfront x-amz-version-id null x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 29701 x-amz-cf-id 06BkCa7udM2Y7SRRUHXrjN6COd4-4Tf-wb5mucy9Hjnb8eYZYkh8AA== expires Sat, 08 Apr 2023 14:45:19 GMT
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/112/133/186/304/normal/	120 KB 121 KB	42ms 41ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/112/133/186/304/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e5eb4e1290f829ff3cca98c69e6028d762678b98cfc4a870918fe091960440e9 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 10:56:57 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Thu, 09 Jul 2015 19:51:45 GMT server AmazonS3 age 313764 etag "97373757923af9d7c2ebeec7b1d21d54" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 123367 x-amz-cf-id yHo9Dc0JWdNxp2eZ7xGJwNzoMOjaUX9SMzjn6Ttm-J7lXyyoXuthKg== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	500217.jpg dbq8hrmshvuto.cloudfront.net/b61/42c1c/7943/4f51/8b51/ce073c94bbfc/thumb/	2 KB 3 KB	35ms 34ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/b61/42c1c/7943/4f51/8b51/ce073c94bbfc/thumb/500217.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 20b5531fb511df09e7ba6c6ba2dc4e3ed6321f8a6a78255fb55485ac6cc89fe6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id yPg8_ZD6F_eBj7bednlJyKL04RVYmcSU via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Mon, 16 Nov 2020 14:20:47 GMT server AmazonS3 age 10196 etag "b7f21d774833d3f36d5e41b6fe54f8b7" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 23:16:25 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 2288 x-amz-cf-id AeL9dyslY382sctED6cYlGEriKKe2GM4c2xExtq7YX_JgyniJk87bQ==
GET H2	200	image.png dbq8hrmshvuto.cloudfront.net/assets2/127/537/078/016/normal/	38 KB 39 KB	41ms 40ms	Image image/png	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/127/537/078/016/normal/image.png Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b238268082d7e6e9416dea0f2471a1c8ba8a6918cabc67009396c39d68874fd1 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 07 Aug 2021 00:53:22 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Sat, 03 Oct 2015 13:02:13 GMT server AmazonS3 age 1473179 etag "45195051d8154f5b74be87f8b8ce0bf2" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/png content-length 39107 x-amz-cf-id cQ28PJUSuW0FNUhUu0FveIK-0yqykZhMZ9wzhKfyOT_NU0rLekbYQA== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	39199.png d16vsmxl4d5tw1.cloudfront.net/6ea/cc485/ba1c/402e/853a/675f1604cda7/thumb/	14 KB 14 KB	43ms 10ms	Image image/png	2600:9000:21f3:9e00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/6ea/cc485/ba1c/402e/853a/675f1604cda7/thumb/39199.png Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9e00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a9e6af7eb10a16b71a7a86c5d7aba1b9aff0d8a54ad62cf8beb3d1c51e1de39e Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id PdshhiKwHVKHuAWH4yTYkBSe6aDp1TNe via 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront) last-modified Sat, 15 Dec 2018 15:02:34 GMT server AmazonS3 age 11881 etag "f09883c9f6a75051b3b17de9d35a9088" x-cache Hit from cloudfront content-type image/png x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 22:48:20 GMT x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 13990 x-amz-cf-id wEaMD2YDFwFg0-EQfac2fZ2Wcs0So6Llb2lCGueThOoTS2098SqE7w==
GET H2	200	186211.jpg d16vsmxl4d5tw1.cloudfront.net/3d9/67dfe/b426/41eb/b8ca/0500ab64b54e/thumb/	4 KB 4 KB	46ms 12ms	Image image/jpeg	2600:9000:21f3:9e00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/3d9/67dfe/b426/41eb/b8ca/0500ab64b54e/thumb/186211.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9e00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8959734661766b124bbe340f1263b5640ef73ff70ec2d5949dd7bcbf104c19b3 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id CEGluEjzIFIhpZzn9ms.2ImBO.h8k0z. via 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront) last-modified Tue, 13 Nov 2018 15:25:18 GMT server AmazonS3 age 11881 etag "3e6c48c9972717e12507c63670111a22" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 22:48:20 GMT x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 4055 x-amz-cf-id 3NYXZM5VGS8wg2jVg5SUkkHj3fWrpMQ_b_eBGC2UBvN1FZOn7f134Q==
GET H2	200	lolworm.png dbq8hrmshvuto.cloudfront.net/assets2/065/901/606/144/normal/	3 KB 4 KB	38ms 37ms	Image image/png	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/065/901/606/144/normal/lolworm.png Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fecb42cb82be3df0a2d556a15a25e3b301f7f0e5f3e3d22e56765751c047aea2 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 16:04:02 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Wed, 03 Dec 2014 15:26:10 GMT server AmazonS3 age 295339 etag "0075b1c0d09a5ba2c1f468e9ad2be2f5" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/png content-length 3524 x-amz-cf-id g1X68dzqT4quclkyuOB-tkygJccsVFUcqxOLr4d9-MXnTHqUqFaE2g== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/108/097/194/752/normal/	124 KB 124 KB	39ms 38ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/108/097/194/752/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d5c9ba30ae2dbc33af29584fd72fd6026f30b173e0c093eaeb6b9a501f74fc7d Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 16 Aug 2021 17:37:16 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Sat, 20 Jun 2015 21:59:27 GMT server AmazonS3 age 635345 etag "a9c5212b102bb09959f1ddecc9409b19" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 126524 x-amz-cf-id c9tUGraKhk_svTlls3ZtESK5ozOzMuYZsLxUQg7lLwxB8ReNH2GXbQ== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	161146.jpg dbq8hrmshvuto.cloudfront.net/1a2/28b4f/d6f3/4ad9/859a/d9daab903958/normal/	91 KB 92 KB	36ms 35ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/1a2/28b4f/d6f3/4ad9/859a/d9daab903958/normal/161146.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6606847ffa075760763f08609e8afa7a1273df32317da9803b90730fc6b142ce Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id WDG75zHHdjjxmcN62liplZlSazDA1mCN via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Sat, 16 Jul 2016 16:37:53 GMT server AmazonS3 age 10613 etag "cf4fd3f421c9ed393b289e5efaae46a6" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Mon, 23 Aug 2021 23:09:28 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 93584 x-amz-cf-id XJe3SYF_52A4P_9UTtTOGebiejik5V6-P1gCWdm1ygmSdBbNYPAvuQ==
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/093/022/342/656/normal/	99 KB 100 KB	38ms 37ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/093/022/342/656/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 783d894c134fda111b00793235f25f48dc6418fc419509e1aab7cc9660043320 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 07:49:38 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Sat, 11 Apr 2015 02:17:42 GMT server AmazonS3 age 65803 etag "cf57ea080d93eefeffadfdfae72025ba" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 101418 x-amz-cf-id IDPDMzIOpA5Vfn6rccAiWqGTVkUGuKYpZa7YL1mu-7t35yMYv_bygQ== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	761322.jpg dbq8hrmshvuto.cloudfront.net/c35/19c67/42f5/4abf/aa69/d4c3e46ec9fc/normal/	96 KB 96 KB	43ms 42ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/c35/19c67/42f5/4abf/aa69/d4c3e46ec9fc/normal/761322.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5545faa8bc1899e35e97847fedc41dff30e28e8a4a05574373348e8731c01979 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 07:49:38 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Sat, 13 Aug 2016 17:16:04 GMT server AmazonS3 age 65803 etag "d3a1eadcda8b20d1f7846fdd09d6a2e2" x-cache Hit from cloudfront x-amz-version-id 7urTxLOpjtnnkJ1y1pLqbMe0QkWe7pP9 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 98098 x-amz-cf-id Vu8OpbZdTB1r78C2VbCjsHygOrFjhcIf8ZoVBzWS-eHKiAkb8fZ9AA==
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/152/360/253/440/normal/	96 KB 97 KB	44ms 44ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/152/360/253/440/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a13cd7012c9fc18a83ff9975be2c67ce410ef1f66442fc2a547e2051a160f56f Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 16:04:02 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Mon, 28 Mar 2016 23:05:11 GMT server AmazonS3 age 295339 etag "32b2bdf191778e7705347e1eb9cbe901" x-cache Hit from cloudfront x-amz-version-id ba9_MTCWUVkXrHGuZkCbNlamUKahzDQP x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 98388 x-amz-cf-id rL8SDrnm1iC77lYFF0fjhbuuy0-d3wTag36VNJcKlcolcGapOM5YgA== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	1835315.jpg dbq8hrmshvuto.cloudfront.net/707/18e35/2276/49a0/84a8/2fbee9dfda7a/normal/	77 KB 78 KB	44ms 43ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/707/18e35/2276/49a0/84a8/2fbee9dfda7a/normal/1835315.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 91aa1b99010ca62e5ea1141e1eaf7b3011f57d7ab1a8d75f8185574326451c80 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 15:57:15 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Sat, 14 Jan 2017 22:36:56 GMT server AmazonS3 age 36546 etag "1801202dad2f50656051e69ad072e89f" x-cache Hit from cloudfront x-amz-version-id ujKvmT.TSDoxjdnT7E_JeoVAjPsnH.Co x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 79220 x-amz-cf-id gtzBCd_P85URqjMuyzQvTheNp3htBWD2bbNp9w-a2CI6OEYA_6mYPA==
GET H2	200	433136.jpg dbq8hrmshvuto.cloudfront.net/1b7/68ed8/3e7e/4e49/b6d3/afe59ae8aac5/normal/	83 KB 83 KB	44ms 43ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/1b7/68ed8/3e7e/4e49/b6d3/afe59ae8aac5/normal/433136.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7a5fe76168cef12ad32f511b19c1b9d6a2e29253cd2a5ec2a34641a075bad68b Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:43:00 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Mon, 22 Aug 2016 08:44:32 GMT server AmazonS3 age 69801 etag "2a06f4abbd7a0f0fc20f2bcfc97c10c8" x-cache Hit from cloudfront x-amz-version-id mEMdNmZbABq1aSOkK2FRLNBCLusy6Aq0 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 84906 x-amz-cf-id SaSrBn_oxtdZIX4y3AfmXhUVEt8I9DNWfYwyW3wk9D8hf2k4Z6x3Eg==
GET H2	200	233911.jpg dbq8hrmshvuto.cloudfront.net/591/354e4/5707/46d5/abc4/176ba1875f40/thumb/	3 KB 3 KB	44ms 43ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/591/354e4/5707/46d5/abc4/176ba1875f40/thumb/233911.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 75289b21864fcc7a41fa568e674618cd362a0b5952f6cbf7cb182f5c560b8644 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 14:05:59 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Tue, 28 Jul 2020 08:32:45 GMT server AmazonS3 age 43222 etag "b75beb71edc6c4312a52ff9afda51ba4" x-cache Hit from cloudfront x-amz-version-id DauDOHYJQUTqMfNQJ3fAEhb1nRVhui1i x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 2725 x-amz-cf-id n56UuXulHiKPpQ6kg_jrghqhUjH9QTV1KkKYWtHHDltJ7gY9RmlonQ==
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/127/075/751/680/normal/	193 KB 194 KB	45ms 44ms	Image image/jpeg	2600:9000:20eb:9800:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/127/075/751/680/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9800:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fc69a63577c15886abbcf01006714d5ade169ffa54ccdb265f17a50405774f53 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 07 Aug 2021 00:53:22 GMT via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) last-modified Wed, 30 Sep 2015 08:57:39 GMT server AmazonS3 age 1473179 etag "f204987da337cdd64140b4f77a87542e" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 197941 x-amz-cf-id MagQiMAK2aMpQU2Kjms6l_4F00PhEJqVOm3ArH3nB1iTqL1NTgslYw== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	17 KB 18 KB	23ms 8ms	Font application/font-woff2	2600:9000:21f3:3c00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:3c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Apr 2021 07:03:25 GMT via 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 10090975 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 17880 last-modified Thu, 29 Apr 2021 05:41:49 GMT server Ask.FM Web Service etag "608a471d-45d8" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id MGjGHVKZFrlvAGtMNtfA1OMEzgnl1Tuz5t0j-Tr2rZCp1dg4iK3mHA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	25 KB 25 KB	27ms 12ms	Font application/font-woff2	2600:9000:21f3:3c00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:3c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:14:43 GMT via 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 15519097 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 25400 last-modified Wed, 06 Sep 2017 12:36:34 GMT server Ask.FM Web Service etag "59afebd2-6338" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id 5__KFkSaYkUJEZCUtDwTnJbaPNwvbf3hZ4K6mvVlRZoPQzYNWyzUfw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	51 KB 52 KB	29ms 14ms	Font application/font-woff2	2600:9000:21f3:3c00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:3c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 17 Apr 2021 07:55:47 GMT via 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 11124633 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 52204 last-modified Wed, 02 Aug 2017 08:00:22 GMT server Ask.FM Web Service etag "59818696-cbec" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id BjErbyIhKK2gJfacNnobmVf-sOkyXXMcSU6myc5wEV09BfIsOr1-Pg== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9374.2ytUBo_3S4GtaGhwlXug1jciwiHCpTOhuy8v_3jtPWonz18TCiwHQXhqtl1IyaMA.hKsamFQ98rib0kBzLHsoiX1NO1c%2C https://mc.yandex.com/sync_cookie_image_decide?token=9374.DHmy4-SgRimgCaE13OVAsQpY53lppo6UEdSTPqDkBVWBaclBuHOLZO9SDNkj0JdIcN3jFroiHXAFrNOolxPplg%2C%2C.wpfmpC8O072AgIKAtKgzKElPt6Q%2C	75 B 75 B	48ms 47ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9374.DHmy4-SgRimgCaE13OVAsQpY53lppo6UEdSTPqDkBVWBaclBuHOLZO9SDNkj0JdIcN3jFroiHXAFrNOolxPplg%2C%2C.wpfmpC8O072AgIKAtKgzKElPt6Q%2C Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:20 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9374.DHmy4-SgRimgCaE13OVAsQpY53lppo6UEdSTPqDkBVWBaclBuHOLZO9SDNkj0JdIcN3jFroiHXAFrNOolxPplg%2C%2C.wpfmpC8O072AgIKAtKgzKElPt6Q%2C date Tue, 24 Aug 2021 02:06:20 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 112 B	45ms 44ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: ask.fm URL: https://ask.fm/cloudyarch601 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:20 GMT last-modified Mon, 23 Aug 2021 15:54:40 GMT etag "6123bebf-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Tue, 24 Aug 2021 03:06:20 GMT
GET H2	200	1 Show response mc.yandex.com/watch/48953915/ Redirect Chain https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcloudyarch601&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3... https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcloudyarch601&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8...	383 B 465 B	48ms 47ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcloudyarch601&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A1475694268030%3Ahid%3A538969228%3Az%3A120%3Ai%3A20210824040620%3Aet%3A1629770781%3Ac%3A1%3Arn%3A906327391%3Au%3A1629770781782379249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629770779687%3Ads%3A1%2C403%2C186%2C4%2C0%2C0%2C%2C68%2C5%2C%2C%2C%2C663%3Adsn%3A1%2C403%2C187%2C4%2C%2C0%2C%2C66%2C6%2C%2C%2C%2C662%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629770781%3At%3AAccount%20Suspended%20-%20Ask.fm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 6f2b61a280d487d60dccecb64fbfd1a4a61cf6600ecc6acabc0beb710ceb1426 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 24 Aug 2021 02:06:20 GMT x-content-type-options nosniff last-modified Tue, 24-Aug-2021 02:06:20 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 383 x-xss-protection 1; mode=block expires Tue, 24-Aug-2021 02:06:20 GMT Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:20 GMT last-modified Tue, 24-Aug-2021 02:06:20 GMT location /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcloudyarch601&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A1475694268030%3Ahid%3A538969228%3Az%3A120%3Ai%3A20210824040620%3Aet%3A1629770781%3Ac%3A1%3Arn%3A906327391%3Au%3A1629770781782379249%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629770779687%3Ads%3A1%2C403%2C186%2C4%2C0%2C0%2C%2C68%2C5%2C%2C%2C%2C663%3Adsn%3A1%2C403%2C187%2C4%2C%2C0%2C%2C66%2C6%2C%2C%2C%2C662%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629770781%3At%3AAccount%20Suspended%20-%20Ask.fm strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 24-Aug-2021 02:06:20 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 55e54c8128a9f3aef4defd4e0307e75fd813d78f290b11d3926715c21ae8aaf3 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 t40h70PEkJsZijQtLD4exA== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1684 x-fb-rlafr 0 x-fb-debug hFGw49rDb7RRdmSkFVhf3N13860BIZi2OqWRcm8bqEQpgE4pCF4/Y7AjeTcKREeOi37Yw2AYfETaB0hEK6K57w== x-fb-trip-id 917726464 x-fb-content-md5 f67d671223ceec4f20f180b684f15c9c x-frame-options DENY date Tue, 24 Aug 2021 02:06:20 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "e65db97504e8ef592e7cde8dcea6d26e" timing-allow-origin * priority u=3,i expires Tue, 24 Aug 2021 02:08:04 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	90 KB 36 KB	15ms 15ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5e5bbd451ead116a3ea0fbd3036069b07d24e99d5b9eef4cff9765b114242439 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:20 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36548 x-xss-protection 0 last-modified Tue, 24 Aug 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 24 Aug 2021 02:06:20 GMT
GET H2	200	3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response cmp.optad360.io/items/	2 B 362 B	123ms 8ms	Script application/javascript	2600:9000:21f3:de00:6:b871:4f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:de00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 01:53:56 GMT via 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront) last-modified Wed, 28 Apr 2021 09:49:58 GMT server AmazonS3 age 745 etag "99914b932bd37a50b983c5e7c90ae93b" x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 2 x-amz-cf-id UvTEwRaTaxuWHp2SPkGvGJRmkkRfAqj9sgtwVqSUyCijGMHGDVJCOA==
GET H2	200	plugin.min.js Show response get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/	222 KB 50 KB	121ms 7ms	Script application/javascript	2600:9000:21f3:1c00:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 523f7c911bad399274fd6b5344f416d976335ea365a709e7400335a1b8a29d59 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 01:19:45 GMT content-encoding gzip last-modified Tue, 17 Aug 2021 15:08:20 GMT server AmazonS3 age 2796 etag W/"4f6443b257506669739f71e2a9030d1b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront) cache-control public, max-age=3600 x-amz-cf-pop FRA2-C2 x-amz-cf-id yy0gfwtVOYrjvef6AeR-86jbV7Iu--8AHypg2UN8vcZkElm7GkxhZg==
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	230 KB 67 KB	13ms 6ms	Script application/x-javascript	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=eaa056e8ed65e52e9f3faafca6c30a41 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d66696cc269975a9bed14b21c90725a22e6c6be792bd70f8c84812de240e78c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 CnLssqjjz6Z5E4VnSxWC+A== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 68320 x-fb-rlafr 0 x-fb-debug 7kac0CJHsIcba5sYME3l7XqUC9AJOaKJUALbAmu1KYPJPjkUMumyymSJsz6vYE3JBlN/s0BzKBIq/j6SAJjY9g== x-fb-content-md5 322f2e7a6fa17e9a8b107cd3bd307a50 x-frame-options DENY date Tue, 24 Aug 2021 02:06:20 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "b87e2117358b4f97e28d1bb59451a722" timing-allow-origin * priority u=3,i expires Wed, 24 Aug 2022 01:41:10 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 147 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fcloudyarch601&rl=&if=false&ts=1629770780909&sw=1600&sh=1200&at= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:20 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 24 Aug 2021 02:06:20 GMT
GET H2	200	prebid5.2.0.js Show response get.optad360.io/sf/	437 KB 135 KB	7ms 7ms	Script application/javascript	2600:9000:21f3:1c00:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/prebid5.2.0.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a923230515fe265da1f93fcd02d41e37ef4e6bc157358768313d7cb9e5efb7a6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 00:45:24 GMT content-encoding gzip last-modified Fri, 25 Jun 2021 12:08:33 GMT server AmazonS3 age 1214457 etag W/"3f120fb160292782175c18b2de386caf" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront) cache-control public, max-age=360000000 x-amz-cf-pop FRA2-C2 x-amz-cf-id NtuJ4Ye-OdkVqLS2yXuqWGXOzw9f0oJnefJVhMjn9WEPt3afXLekMg==
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	73ms 24ms	Preflight application/json	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 Protocol H2 Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1432 date Tue, 24 Aug 2021 02:06:21 GMT content-encoding gzip vary Accept-Encoding
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	116ms 37ms	Preflight	37.157.6.246 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Server 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 24 Aug 2021 02:06:21 GMT content-length 0 cache-control private access-control-allow-origin https://ask.fm access-control-allow-credentials true access-control-allow-methods GET, POST access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With access-control-max-age 86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	18ms 6ms	XHR application/json	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210824 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 056ca9e5ccf8bebe6f90ab7cfc6a3405d4185929f1b8361eea81d51f9e7a7dd2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 39172 x-jsd-version 1.0.1078 x-cache HIT cross-origin-resource-policy cross-origin content-length 938 etag W/"6a0-VlQrY62cAsNgXyAvKNCtpPKSNCo" x-served-by cache-fra19165-FRA x-jsd-version-type version date Tue, 24 Aug 2021 02:06:21 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 https://mug.criteo.com/sid?cpp=lbQ4yHxmakUvT1cxZEFDSWd6aDg2SjVqU1I2YlNWRWhpNFB6QjFkd25OTEhvZEpOL0x2UlJRZ0FRVCtWRXVsYTRhS1MxbHpKcDRwZXNtS2owSGQwaEZXWXAxcjYrL1hsNDZ0S21ick1qMHdRcnVRSWF6aWtlSUFLeGxMdU...	324 B 587 B	205ms 71ms	XHR application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=lbQ4yHxmakUvT1cxZEFDSWd6aDg2SjVqU1I2YlNWRWhpNFB6QjFkd25OTEhvZEpOL0x2UlJRZ0FRVCtWRXVsYTRhS1MxbHpKcDRwZXNtS2owSGQwaEZXWXAxcjYrL1hsNDZ0S21ick1qMHdRcnVRSWF6aWtlSUFLeGxMdUVHTVBkcXViMFdkQllIbHFldnRpMXRoY21EUXdZRmJHUTJmaTFJLy90NGxqbElGVk9kdG9ISDFzd2tKdmU5eHVPWlQwWEl1ZmFUSVBNYmxUMDVLeGd2ZXlndW5VSmVPVUNHUkNDTURMYlhwaWZ2OUwxL1NRPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 478edfea0f204e898894fb3fe456e26b655b9a348f2a102106a3d49408d7385e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Tue, 24 Aug 2021 02:06:20 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 5077 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Tue, 24 Aug 2021 02:06:20 GMT location https://mug.criteo.com/sid?cpp=lbQ4yHxmakUvT1cxZEFDSWd6aDg2SjVqU1I2YlNWRWhpNFB6QjFkd25OTEhvZEpOL0x2UlJRZ0FRVCtWRXVsYTRhS1MxbHpKcDRwZXNtS2owSGQwaEZXWXAxcjYrL1hsNDZ0S21ick1qMHdRcnVRSWF6aWtlSUFLeGxMdUVHTVBkcXViMFdkQllIbHFldnRpMXRoY21EUXdZRmJHUTJmaTFJLy90NGxqbElGVk9kdG9ISDFzd2tKdmU5eHVPWlQwWEl1ZmFUSVBNYmxUMDVLeGd2ZXlndW5VSmVPVUNHUkNDTURMYlhwaWZ2OUwxL1NRPXw&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1682 content-length 482 expires 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	144 B 1 KB	163ms 67ms	XHR application/json	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash a8fa47b6bdf45f89f196ee353d33729a4eebc697602c63d94b9831bb18942647 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:21 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 4ca3d0f2-fd6d-4bd2-942a-17a6c4887155 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 144 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	c Show response prebid.a-mo.net/a/	861 B 778 B	397ms 167ms	XHR application/json	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash 042b93e357d56321cfe73026dfbb7f5fbcd0a96190ea9408a1673cae272c10a5 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Tue, 24 Aug 2021 02:06:20 GMT content-encoding gzip server envoy vary origin, accept-encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 51 content-length 355
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 502 B	182ms 67ms	XHR application/json	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H2	204	apacdex Show response useast.quantumdex.io/auction/	0 622 B	246ms 230ms	XHR text/plain	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://useast.quantumdex.io/auction/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Tue, 24 Aug 2021 02:06:21 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods POST, GET access-control-allow-origin https://ask.fm report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHdeVHYKdtzRbri7J7HACZPsHLW7b2s1RRADYnltsJRu0fkr7R%2FWH9hyfN4tTNSXQTAEi%2FBpE%2BEPfKHlZsha92cRUb8HqCCA9Kn1VoVsIZbU81jfspJzhQGXFEfkFL6Muo%2B%2BAFeoIDA5LL1YlP6I9mqe"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 68390555bb974e5b-FRA
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	145 B 1 KB	166ms 67ms	XHR application/json	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash a64464cf20519c279cfddebd30667fb7ebe2d2c1eec169ab5e7fd5e373482571 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:21 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 76046645-08f5-4001-9ddf-d81b7fa4814f Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 145 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	openrtb Show response adx.adform.net/adx/	0 402 B	196ms 120ms	XHR text/plain	37.157.6.246 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Tue, 24 Aug 2021 02:06:21 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
GET H2	200	cygnus Show response htlb.casalemedia.com/	25 B 368 B	187ms 74ms	XHR application/json	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22130a09e6069c457%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fcloudyarch601%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214521b32eb5a203%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214521b32eb5a203%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2214521b32eb5a203%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 41a0640fd348a714b428b103642c6b71c9a951f380f3d76d6ba7f0f83e79cd41 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 Aug 2021 02:06:21 GMT content-encoding gzip x-ak-initial-geo CC:[SE], RC:[AB], CN:[EU], CIP:[185.236.42.214], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://ask.fm x-cs-client-geo 10 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 45 x-ak-client-geo 10 expires Tue, 24 Aug 2021 02:06:21 GMT
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	200ms 65ms	Preflight application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=lbQ4yHxmakUvT1cxZEFDSWd6aDg2SjVqU1I2YlNWRWhpNFB6QjFkd25OTEhvZEpOL0x2UlJRZ0FRVCtWRXVsYTRhS1MxbHpKcDRwZXNtS2owSGQwaEZXWXAxcjYrL1hsNDZ0S21ick1qMHdRcnVRSWF6aWtlSUFLeGxMdUVHTVBkcXViMFdkQllIbHFldnRpMXRoY21EUXdZRmJHUTJmaTFJLy90NGxqbElGVk9kdG9ISDFzd2tKdmU5eHVPWlQwWEl1ZmFUSVBNYmxUMDVLeGd2ZXlndW5VSmVPVUNHUkNDTURMYlhwaWZ2OUwxL1NRPXw&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 2404 date Tue, 24 Aug 2021 02:06:21 GMT content-encoding gzip vary Accept-Encoding
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	90ms 90ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=538969228&page-url=https%3A%2F%2Fask.fm%2Fcloudyarch601&rn=549068970&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629770783%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210824040623%3Au%3A1629770781782379249%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629770783 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 Aug 2021 02:06:23 GMT last-modified Tue, 24-Aug-2021 02:06:23 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 24-Aug-2021 02:06:23 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 73 B	89ms 88ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=538969228&page-url=https%3A%2F%2Fask.fm%2Fcloudyarch601&rn=907431012&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1629770783%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210824040623%3Au%3A1629770781782379249%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629770783 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 Aug 2021 02:06:23 GMT last-modified Tue, 24-Aug-2021 02:06:23 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 24-Aug-2021 02:06:23 GMT
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	37ms 37ms	Preflight	37.157.6.246 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Server 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Tue, 24 Aug 2021 02:06:24 GMT content-length 0 cache-control private access-control-allow-origin https://ask.fm access-control-allow-credentials true access-control-allow-methods GET, POST access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With access-control-max-age 86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	optad360.js Show response serving.stat-rock.com/player/	304 KB 95 KB	153ms 34ms	Script application/javascript	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://serving.stat-rock.com/player/optad360.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT content-encoding gzip last-modified Fri, 18 Jun 2021 08:28:33 GMT server nginx etag W/"60cc5931-4beb9" vary Accept-Encoding content-type application/javascript cache-control public, max-age=600
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	145 B 1 KB	54ms 54ms	XHR application/json	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 33be2612bc35e4fa55afa18007e31704a68e40f2d2d37cfce7f2a107de3b7bf8 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 898d89de-e36f-430e-8521-e327f5b564cc Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 145 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 502 B	76ms 75ms	XHR application/json	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H2	204	openrtb Show response adx.adform.net/adx/	0 401 B	93ms 93ms	XHR text/plain	37.157.6.246 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	139 B 811 B	47ms 47ms	XHR application/json	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash b54030ddfd847d71174bbe092ff4ff7373a5665af1f5166aae34c262dda01cd2 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 470a331b-120c-45bd-abb6-6f852a56e4d8 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 139 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated /	630 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	410 Gone	Cookie set cloudyarch601 Show response ask.fm/	11 KB 12 KB	187ms 187ms	XHR text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/cloudyarch601 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 1c571422d74575db53dbdc04e296bc6cf143a8eaccdcdc781e31eb7f8a51e1c3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/cloudyarch601 Connection keep-alive Referer https://ask.fm/cloudyarch601 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 24 Aug 2021 02:06:24 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Content-Type text/html; charset=utf-8 Status 410 Gone Cache-Control no-cache Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Wed, 24 Aug 2022 08:06:24 -0000 uuid=92259efc-b3d6-4271-b35c-b6a17ca86cca; path=/; expires=Wed, 24 Aug 2022 08:06:24 -0000; secure; HttpOnly country=SE; path=/; expires=Wed, 24 Aug 2022 08:06:24 -0000 _m_ask_fm_session=V1V0Z1ladzJxd3AwQ2E4UldHK05iVjlTRlpoRVF2alRtcXNNKzE5Nmxsek1pKzhOaTBEZXNBRER3aXJ4OHBzcERvSmdHYjZHcXJjMG9IVDAwMitmb3BHNjFPb2dRNEl2bHl5eHpRTkd0RmNUNmpxTTVnUVBBWHR0V2ptVzdNSnNWcG1LSXdwWnk2SnNKalpQbHRJd1NMR05wWlVUbkZ4eCt2dGNJMExjRzB4a082Q1g3TmNOcit2QWdHajM4RUt5UkRhTktCRDlmTmpVN21xN3hlRERsMXRCQlAwbEdIcHV1OEdDMVVyUm5DT0UyWGFkd1lzMHg2NlY3VUlUeFZtMi0tNGVjVWUwNVVRRXZlNHJxOEkyVkdudz09--fa584cfa22cda1af52e6577fe30e6f128b596941; path=/; expires=Fri, 27 Aug 2021 02:06:24 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 163 B	105ms 34ms	Image image/gif	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629770784305.2786&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcloudyarch601&t=88&v=91&width=400&z=p%3Adf%3Bv%3AinView%3B&r=0.38460332369496397 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Tue, 24 Aug 2021 02:06:24 GMT srvf 95.217.114.174 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	105ms 35ms	Image image/gif	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629770784305.2786&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcloudyarch601&t=94&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.3158448853753191 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Tue, 24 Aug 2021 02:06:24 GMT srvf 95.217.114.174 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	apacdex Show response sync.quantumdex.io/usersync/ Frame AA6B	3 KB 1 KB	144ms 136ms	Document text/html	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/usersync/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dba3dd123a55911b89473e71bbed38b73c47a66af886cac8aefe51eae04a7494 Request headers :method GET :authority sync.quantumdex.io :scheme https :path /usersync/apacdex pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers date Tue, 24 Aug 2021 02:06:24 GMT content-type text/html set-cookie uid=1f2db1f6-5652-405d-9718-d1f73d22f810; expires=Mon, 13 Sep 2021 02:06:24 GMT; domain=quantumdex.io; path=/; secure; SameSite=None cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Cyd2oDGnM6tTfORKbqCDw2W0mU15dIZUQm9dpSgO5iUGpSMxDVHgCliQa8vrXXMe8G3zdz1vSBe%2B30u0tp1NolczrpOohag44kKZ9NcnyTy7h6JXGZIC6JsrlgBI%2Bgrls1LjUwuoYVWk1FWaEZ1dA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6839056aefb84e5b-FRA content-encoding br
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 9FC6	3 KB 1 KB	60ms 60ms	Document text/html	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1629770781241 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash b425c56e0c2a9f035d71017cf657f189bfae03668647b4383de7b3a1e2cf0dcb Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1629770781241 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US cookie OTP=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' set-cookie OTP=1acLOUT6NfTZ2WAgofd0un_5F34QGbNDcxvzSrmmUnc; path=/; expires=Thu, 24 Aug 2023 02:06:24; domain=onetag-sys.com; SameSite=None; Secure content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 1130 strict-transport-security max-age=15552000
GET H/1.1	200 OK	ixmatch.html Show response js-sec.indexww.com/um/ Frame 2383	2 KB 1 KB	185ms 56ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c Request headers Host js-sec.indexww.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Server Apache Last-Modified Thu, 11 Feb 2021 16:12:45 GMT ETag "e20015-90b-5bb11ca420f07" Accept-Ranges bytes P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Content-Encoding gzip Content-Length 1151 Date Tue, 24 Aug 2021 02:06:24 GMT Connection keep-alive
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 5CE9	52 KB 17 KB	182ms 54ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie icu=ChgI_t1aEAoYASABKAEwoKiRiQY4AUABSAEQoKiRiQYYAA..; uuid2=2795173456352819425 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.13.10 Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Fri, 30 Jul 2021 04:43:13 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Tue, 24 Aug 2021 02:06:24 GMT Age 76867 X-Served-By cache-lga21936-LGA, cache-fra19127-FRA X-Cache HIT, HIT X-Cache-Hits 1, 497900 X-Timer S1629770785.615808,VS0,VE0 Vary Accept-Encoding
GET H2	200	/ Show response onetag-sys.com/usync/ Frame A3E5	3 KB 1 KB	60ms 59ms	Document text/html	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1629770784078 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash b425c56e0c2a9f035d71017cf657f189bfae03668647b4383de7b3a1e2cf0dcb Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1629770784078 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US cookie OTP=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' set-cookie OTP=EzP9y05RjPIkPXlyr4QoARRtFOoS18jFGedX4O3vqXU; path=/; expires=Thu, 24 Aug 2023 02:06:24; domain=onetag-sys.com; SameSite=None; Secure content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 1130 strict-transport-security max-age=15552000
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame E07D	52 KB 17 KB	185ms 59ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie icu=ChgI_t1aEAoYASABKAEwoKiRiQY4AUABSAEQoKiRiQYYAA..; uuid2=2795173456352819425 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.13.10 Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Fri, 30 Jul 2021 04:43:13 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Tue, 24 Aug 2021 02:06:24 GMT Age 76867 X-Served-By cache-lga21936-LGA, cache-fra19177-FRA X-Cache HIT, HIT X-Cache-Hits 1, 520062 X-Timer S1629770785.620897,VS0,VE0 Vary Accept-Encoding
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=sovrn&uid=41baaf0d99f4e714bc46a8b0	0 116 B	120ms 120ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=sovrn&uid=41baaf0d99f4e714bc46a8b0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 4 server envoy vary Accept-Encoding Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server nginx Location https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=sovrn&uid=41baaf0d99f4e714bc46a8b0 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=appnexus&uid=2795173456352819425	0 154 B	120ms 112ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=appnexus&uid=2795173456352819425 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:23 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 7d7ae250-bb31-468a-8d0d-3ee2c02cf87c Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=appnexus&uid=2795173456352819425 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ onetag-sys.com/match/ Redirect Chain https://onetag-sys.com/usync/?tag=img https://x.bidswitch.net/sync?ssp=onetag https://x.bidswitch.net/ul_cb/sync?ssp=onetag https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7... https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7... https://x.bidswitch.net/sync?dsp_id=429&user_id=66c31d32-a1d2-52ec-9fc5-f5ccfee1a1ec&ssp=onetag&expires=30&user_group=1 https://onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy=	0 291 B	57ms 57ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers location //onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy= date Tue, 24 Aug 2021 02:06:25 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	204	verizon_video prebid.a-mo.net/setuid/ Redirect Chain https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=e8e325bf-ae90-408b-95ad-82a9d4c25a64 https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=e8e325bf-ae90-408b-95ad-82a9d4c25a64&verify=true https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=e8e325bf-ae90-408b-95ad-82a9d4c25a64&apid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52 https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=e8e325bf-ae90-408b-95ad-82a9d4c25a64&apid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52&verify=true https://prebid.a-mo.net/setuid/verizon_video?uid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52&gdpr=0&gdpr_consent=	0 125 B	115ms 115ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid/verizon_video?uid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy vary Accept-Encoding Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://prebid.a-mo.net/setuid/verizon_video?uid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52&gdpr=0&gdpr_consent= Connection keep-alive Content-Length 0
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=pubmatic&uid=6D90804E-712C-4AA8-978F-FFB4077AB7EA	0 147 B	119ms 119ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=pubmatic&uid=6D90804E-712C-4AA8-978F-FFB4077AB7EA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 4 server envoy vary Accept-Encoding Redirect headers location https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=pubmatic&uid=6D90804E-712C-4AA8-978F-FFB4077AB7EA date Tue, 24 Aug 2021 02:06:24 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dindex_rtb%26uid%3D https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3De8e325bf-ae90-408b-95ad-82a9d4c25a64%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=index_rtb&uid=YSRUIBXdlXrZnsMzm5SFyQAA%26222	0 118 B	117ms 117ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=index_rtb&uid=YSRUIBXdlXrZnsMzm5SFyQAA%26222 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 2 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://prebid.a-mo.net/setuid?A=e8e325bf-ae90-408b-95ad-82a9d4c25a64&D=&bidder=index_rtb&uid=YSRUIBXdlXrZnsMzm5SFyQAA%26222 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 320 Expires Tue, 24 Aug 2021 02:06:24 GMT
GET H/1.1	410 Gone	Cookie set cloudyarch601 Show response ask.fm/	11 KB 12 KB	181ms 179ms	XHR text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/cloudyarch601 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 39e631f5410e214026f630ea41bd6a8474342b7187796c8d75a1eb3f0e059e89 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/cloudyarch601 Cookie locale=en; uuid=92259efc-b3d6-4271-b35c-b6a17ca86cca; country=SE; _m_ask_fm_session=V1V0Z1ladzJxd3AwQ2E4UldHK05iVjlTRlpoRVF2alRtcXNNKzE5Nmxsek1pKzhOaTBEZXNBRER3aXJ4OHBzcERvSmdHYjZHcXJjMG9IVDAwMitmb3BHNjFPb2dRNEl2bHl5eHpRTkd0RmNUNmpxTTVnUVBBWHR0V2ptVzdNSnNWcG1LSXdwWnk2SnNKalpQbHRJd1NMR05wWlVUbkZ4eCt2dGNJMExjRzB4a082Q1g3TmNOcit2QWdHajM4RUt5UkRhTktCRDlmTmpVN21xN3hlRERsMXRCQlAwbEdIcHV1OEdDMVVyUm5DT0UyWGFkd1lzMHg2NlY3VUlUeFZtMi0tNGVjVWUwNVVRRXZlNHJxOEkyVkdudz09--fa584cfa22cda1af52e6577fe30e6f128b596941 Connection keep-alive Referer https://ask.fm/cloudyarch601 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 24 Aug 2021 02:06:24 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Content-Type text/html; charset=utf-8 Status 410 Gone Cache-Control no-cache Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Wed, 24 Aug 2022 08:06:24 -0000 _m_ask_fm_session=aGhjeEwwUHU2SUovNXYxczVkaTlBNzRrZ2pVVVZzUHM0czNxV2pBaUZ0S01BcEROaW5XZWNpWkUwbENoK0FERFlCRGc3SVBHUUJYdUluQkhIOGVKVmdzMktIdnVxZnV2b0llZC9iQ2xybGZ4ajlqZzJPcHJhMnA1MTlaZ21HTVZYZmI5UnNJZlFmUElGclJYdHQzTDBSN0JkRmVVYkVEdTRXdlROSkVnb0U5NmZVQWNLcFppY01GMk42VEcrcnpHS1JMeXBVYUZLdHdRTnZhdWtvZlRzdE1sck5FMThWbXFvZUd0T0ZiS3dWNkRpWnNjRHVySERFc3E2bDhueC9lay0temhkZWxNV3JiNXdCRVh1d0JHQ2xZZz09--56be83f8b16b2d733ef3e9893b40443ff73664fa; path=/; expires=Fri, 27 Aug 2021 02:06:24 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	43ms 42ms	Image image/gif	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1629770784305.2786&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcloudyarch601&t=294&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.11500318244525287 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Tue, 24 Aug 2021 02:06:24 GMT srvf 95.217.114.174 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	845a6124-5420-4800-af39-f7667b502737 onetag-sys.com/sync/i,1/ Frame 9FC6 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D https://onetag-sys.com/sync/i,1/845a6124-5420-4800-af39-f7667b502737	0 290 B	58ms 58ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,1/845a6124-5420-4800-af39-f7667b502737 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770781241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server MT3 3865 cc0e612 master zrh-pixel-x4 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://onetag-sys.com/sync/i,1/845a6124-5420-4800-af39-f7667b502737 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 24 Aug 2021 02:06:23 GMT
GET H/1.1	204 No Content	sync.php pixel-eu.rubiconproject.com/exchange/ Frame 9FC6	0 239 B	206ms 50ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770781241 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 6f9fd0201ed801884e5299d5aabca094 Content-Type image/gif
GET H2	200	3458510128347476915 onetag-sys.com/sync/i,34/ Frame 9FC6 Redirect Chain https://dmp.adform.net/serving/cookie/match?party=1167&cid=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk https://onetag-sys.com/sync/i,34/3458510128347476915	0 290 B	58ms 57ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,34/3458510128347476915 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770781241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT server nginx location https://onetag-sys.com/sync/i,34/3458510128347476915 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	204	/ onetag-sys.com/sync/i,19/ Frame 9FC6 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESENtAAhUFWClErI26GxtYgqg&google_cver=1	0 287 B	58ms 57ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESENtAAhUFWClErI26GxtYgqg&google_cver=1 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770781241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESENtAAhUFWClErI26GxtYgqg&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 298 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 9FC6	0 239 B	204ms 51ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770781241 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost a66cbf3142c6ef39e3614b84a34262cf Content-Type image/gif
GET H2	204	sync pixel.advertising.com/ups/58198/ Frame 9FC6	0 124 B	60ms 49ms	Image text/plain	18.184.95.242 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770781241 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.184.95.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-95-242.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	/ onetag-sys.com/match/ Frame 9FC6 Redirect Chain https://ups.analytics.yahoo.com/ups/58488/occ https://ups.analytics.yahoo.com/ups/58488/occ?verify=true https://onetag-sys.com/match/?int_id=92&uid=y-EkjveWlE2uGp92l470hEwLvVEEytAjkNpbFq_zE-~A	0 291 B	58ms 58ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=92&uid=y-EkjveWlE2uGp92l470hEwLvVEEytAjkNpbFq_zE-~A Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770781241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://onetag-sys.com/match/?int_id=92&uid=y-EkjveWlE2uGp92l470hEwLvVEEytAjkNpbFq_zE-~A Connection keep-alive Content-Length 0
GET H2	200	/ onetag-sys.com/sync/i,29/ Frame 9FC6 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= https://onetag-sys.com/sync/i,29/?tdid=7f6eb142-f202-406a-be87-d2318142cb42&ttl=1632362784	43 B 379 B	58ms 58ms	Image image/gif	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,29/?tdid=7f6eb142-f202-406a-be87-d2318142cb42&ttl=1632362784 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770781241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 content-encoding gzip cache-control no-cache, no-transform content-length 64 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://onetag-sys.com/sync/i,29/?tdid=7f6eb142-f202-406a-be87-d2318142cb42&ttl=1632362784 cache-control private,no-cache, must-revalidate content-type text/html content-length 211
GET H2	200	/ onetag-sys.com/match/ Frame 9FC6 Redirect Chain https://x.bidswitch.net/sync?ssp=onetag https://x.bidswitch.net/ul_cb/sync?ssp=onetag https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=bfc71f06-f93e-47cd-9c10-48da0ebde212&ssp=onetag&user_group=1 https://onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy=	0 291 B	58ms 58ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy= Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770781241 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers location //onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy= date Tue, 24 Aug 2021 02:06:25 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	34636124-5420-4400-9074-6af149fbec83 onetag-sys.com/sync/i,1/ Frame A3E5 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D https://onetag-sys.com/sync/i,1/34636124-5420-4400-9074-6af149fbec83	0 290 B	58ms 58ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,1/34636124-5420-4400-9074-6af149fbec83 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770784078 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server MT3 3865 cc0e612 master zrh-pixel-x27 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://onetag-sys.com/sync/i,1/34636124-5420-4400-9074-6af149fbec83 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 24 Aug 2021 02:06:23 GMT
GET H/1.1	204 No Content	sync.php pixel-eu.rubiconproject.com/exchange/ Frame A3E5	0 239 B	199ms 50ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770784078 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 6f9fd0201ed801884e5299d5aabca094 Content-Type image/gif
GET H2	200	3392884567442272686 onetag-sys.com/sync/i,34/ Frame A3E5 Redirect Chain https://dmp.adform.net/serving/cookie/match?party=1167&cid=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk https://onetag-sys.com/sync/i,34/3392884567442272686	0 290 B	58ms 58ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,34/3392884567442272686 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770784078 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT server nginx location https://onetag-sys.com/sync/i,34/3392884567442272686 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	204	/ onetag-sys.com/sync/i,19/ Frame A3E5 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEDfPOcurns4s7NqSbdcL8PQ&google_cver=1	0 287 B	58ms 58ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEDfPOcurns4s7NqSbdcL8PQ&google_cver=1 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770784078 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEDfPOcurns4s7NqSbdcL8PQ&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 298 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame A3E5	0 239 B	205ms 50ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=iUKrJMagcndb6on5Avy0wJq3bNIfK-gBcPElZ6tfbkk Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770784078 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost a66cbf3142c6ef39e3614b84a34262cf Content-Type image/gif
GET H2	204	sync pixel.advertising.com/ups/58198/ Frame A3E5	0 124 B	53ms 49ms	Image text/plain	18.184.95.242 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770784078 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.184.95.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-95-242.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	/ onetag-sys.com/match/ Frame A3E5 Redirect Chain https://ups.analytics.yahoo.com/ups/58488/occ https://ups.analytics.yahoo.com/ups/58488/occ?verify=true https://onetag-sys.com/match/?int_id=92&uid=y-Q8RTUDxE2uHyDEzDOGDughUQs.fvSLZARZVGb.E-~A	0 291 B	58ms 57ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=92&uid=y-Q8RTUDxE2uHyDEzDOGDughUQs.fvSLZARZVGb.E-~A Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770784078 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://onetag-sys.com/match/?int_id=92&uid=y-Q8RTUDxE2uHyDEzDOGDughUQs.fvSLZARZVGb.E-~A Connection keep-alive Content-Length 0
GET H2	200	/ onetag-sys.com/sync/i,29/ Frame A3E5 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= https://onetag-sys.com/sync/i,29/?tdid=d6074ec5-2c2d-45a5-8554-25075d0d996f&ttl=1632362784	43 B 379 B	58ms 58ms	Image image/gif	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,29/?tdid=d6074ec5-2c2d-45a5-8554-25075d0d996f&ttl=1632362784 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770784078 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 content-encoding gzip cache-control no-cache, no-transform content-length 64 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://onetag-sys.com/sync/i,29/?tdid=d6074ec5-2c2d-45a5-8554-25075d0d996f&ttl=1632362784 cache-control private,no-cache, must-revalidate content-type text/html content-length 211
GET H2	200	sync x.bidswitch.net/ Frame A3E5 Redirect Chain https://x.bidswitch.net/sync?ssp=onetag https://x.bidswitch.net/ul_cb/sync?ssp=onetag https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=&gdpr_consent= https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=YvCgMGH1oDZ58_dnZ_S_MWP3o2d5-PRhYfe_ev_5	43 B 145 B	49ms 49ms	Image image/gif	3.124.93.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=YvCgMGH1oDZ58_dnZ_S_MWP3o2d5-PRhYfe_ev_5 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1629770784078 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.93.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-93-74.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:26 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:26 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=YvCgMGH1oDZ58_dnZ_S_MWP3o2d5-PRhYfe_ev_5 cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame AA6B Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true https://sync.quantumdex.io/setuid?bidder=sovrn&uid=34c9e090ab9e4c64284ce955	43 B 323 B	129ms 129ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sovrn&uid=34c9e090ab9e4c64284ce955 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FPiekJEkSo3Uwc18k7QWdX9BnlKax6vcWs5ccreHfmpFgUBoeX8eQulCw8KiRJ28XPdlMHA7jGAydOEPnRa5ckSiWbDEntJ19DRZrJbw%2Bjj1rVTs1SI%2Bpa6EoDAn6w1h6SIckaWvRFTmWSyYT9taw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6839056cc9d34e5b-FRA content-length 43 Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server nginx Location https://sync.quantumdex.io/setuid?bidder=sovrn&uid=34c9e090ab9e4c64284ce955 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame AA6B Redirect Chain https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8a1bc7c4-219f-49cb-a68c-fa867b7d678b	43 B 324 B	458ms 458ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8a1bc7c4-219f-49cb-a68c-fa867b7d678b Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:25 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJEltOOIZmekZr4DpR2lUQnUHPplCgonkTMGzHt9fGNBU3e0TGP1du48vyuX9QLf6y4dCifesppxhga7tkflpg%2B7VUdxZBs1Oj9ObrDYul3qGHW9EVH7uvwgT9ahfyztqKZfgOJbdvfuTZ3%2BPFrZag%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6839056cb9c44e5b-FRA content-length 43 Redirect headers location https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=8a1bc7c4-219f-49cb-a68c-fa867b7d678b date Tue, 24 Aug 2021 02:06:24 GMT content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame AA6B Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2795173456352819425	43 B 331 B	247ms 247ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2795173456352819425 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVh%2BVGS%2BgvxuO2r8%2F%2FyaC1kE1xTI4ikIW%2BRmBM1dSGVTpNZ5Gwm1pwyJnRo7tW%2FVpPq%2BC0CDjGLIrl12qyf9N3Xs8gj7tgcmko62Qcj9Koj2GAVWIFmueZY5gR9jWwVwgH9dbilLjmOoV0puPWpvxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6839056c29174e5b-FRA content-length 43 Redirect headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 5e0a7af6-0c66-41f0-af2d-f3c41bc88c9a Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2795173456352819425 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame AA6B	0 474 B	215ms 53ms	Image text/plain	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame AA6B Redirect Chain https://ms.quantumdex.io/user/sync/quantumdex https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6ecc58ef-661b-4756-b4fb-4bae97b95efc	43 B 331 B	128ms 128ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6ecc58ef-661b-4756-b4fb-4bae97b95efc Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAuBE0EPyhgH1xsPRVq0%2B%2Fe31bVs6waG3e2SNJ%2Fvks5Us%2BWMisYxj8Vr9PDN4S%2FHbH8kPBAn%2Brcx%2BIeUx7S0Ojo0FPQq8xOX0EVwq5ItgPl%2BA68GATln7l2jX2WOhGaBdEKF5yAc9Buor4PLSaaM2Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6839056c89914e5b-FRA content-length 43 Redirect headers date Tue, 24 Aug 2021 02:06:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgYBz1WX0TowSZMNNIFQEn%2FiRDfkdEXEMnLxVqOw9CJFKnYtSUpCAP5Cm6ATjfECjCbQ0IDhvW5Zke6QXimIFtq9L65zCzBcf%2FdC0DEaS3NI096SFaStdzcgieou7vM%2BivzX4kqFn23bqub%2FXwE%3D"}],"group":"cf-nel","max_age":604800} location https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6ecc58ef-661b-4756-b4fb-4bae97b95efc cf-ray 6839056bd8d74e5b-FRA content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame AA6B Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2795173456352819425	43 B 339 B	129ms 129ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2795173456352819425 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0VVHGwWhv6m0w8JP12BdqOKJ%2BO5Xw10jht4WTMB%2BM2V8nbb1hoTlIJZwnKAJ5c2gEMURxSaRbpwKkTsS3Wd0okfRJIxwmpHrVLJQuUo%2BVJirbDwezUZl4I%2BAXkMHVtNXKc3ykdDMKvUsCbh6b4Pxg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6839056c19104e5b-FRA content-length 43 Redirect headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 65925ec8-2d4f-4cbd-9f2e-a23d3d44a6ef Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2795173456352819425 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame AA6B Redirect Chain https://ups.analytics.yahoo.com/ups/58424/occ https://ups.analytics.yahoo.com/ups/58424/occ?verify=true https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-lBRdl.xE2uHgU3eLeRL6jFilOEm6k4GiRoMXnDc-~A	43 B 323 B	133ms 133ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-lBRdl.xE2uHgU3eLeRL6jFilOEm6k4GiRoMXnDc-~A Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzreDSZg9T7PukvlHSzMLNBblLnkJbxuwmrG4mMIkqaucK%2BdtE5nOiYshCj3CgaSe%2FBppl1k6ppJJNIreYLwxYrKjpB7bcUv9V3gnr3b4nYW9X39R6mY2IUGl9N58udcFjRZzy6kFAtSScAVcsh8ig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6839056d1a364e5b-FRA content-length 43 Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-lBRdl.xE2uHgU3eLeRL6jFilOEm6k4GiRoMXnDc-~A Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame AA6B Redirect Chain https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52 https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52&verify=true https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52	43 B 482 B	137ms 137ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbWRFLM58%2Frr3%2FH54rc1oP6zPkShJAEBipi2uW3wn5Pa%2BHUw3mEgUplAkG613bTzMPxbq7LlnN%2BhaNWoWpgqveihpEJgnG5N7NlMz2d%2Fp4vcAzSLqIMkmFdxFNMX7GN4lPIGp8GC4HUSrF4R8%2FmlRA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6839056d5a734e5b-FRA content-length 43 Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPe24edef1-047f-11ec-bbc1-06adfbc6bb52 Connection keep-alive Content-Length 0
GET H/1.1	200	1.gif id5-sync.com/c/495/0/0/ Frame AA6B Redirect Chain https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=	43 B 1 KB	59ms 58ms	Image image/gif	54.36.109.186 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent= Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.36.109.186 , France, ASN16276 (OVH, FR), Reverse DNS p06.id5-sync.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 24 Aug 2021 02:06:23 GMT Transfer-Encoding chunked Content-Type image/gif;charset=UTF-8 Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR" Redirect headers Location https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent= Date Tue, 24 Aug 2021 02:06:23 GMT Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR"
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame CDA8 Redirect Chain https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1	2 KB 3 KB	142ms 71ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 6bc562e350e4b81f72cd2bdebe6f50a97cf5b01f5e3d91747eae8898eb73fc62 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMPS=301; CMPRO=222; CMST=YSRUIGEkVCAA; CMID=YSRUIBXdlXrZnsMzm5SFzQAA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Server Apache Content-Type text/html Dropped-Udsids 39|241|230|45|5|196|46|195 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1795 Expires Tue, 24 Aug 2021 02:06:24 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT Connection keep-alive Set-Cookie CMID=YSRUIBXdlXrZnsMzm5SFzQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Aug 2022 02:06:24 GMT CMPS=301;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 22 Nov 2021 02:06:24 GMT CMPRO=222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 22 Nov 2021 02:06:24 GMT CMRUM3=f16124542005a0&056124542005a0&2e6124542005a0&c46124542005a0&2d6124542005a0&c36124542005a00&27612454200b40&e6612454202760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Aug 2022 02:06:24 GMT Redirect headers Server Apache Content-Length 315 Content-Type text/html; charset=iso-8859-1 Location https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Expires Tue, 24 Aug 2021 02:06:24 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT Connection keep-alive Set-Cookie CMID=YSRUIBXdlXrZnsMzm5SFzQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Aug 2022 02:06:24 GMT CMPS=301;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 22 Nov 2021 02:06:24 GMT
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 44AD	14 KB 5 KB	168ms 55ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=141660 expires Wed, 25 Aug 2021 17:27:24 GMT date Tue, 24 Aug 2021 02:06:24 GMT vary Accept-Encoding
GET H/1.1	200 OK	Cookie set uc.html Show response sync.go.sonobi.com/ Frame 11C6	43 B 551 B	210ms 52ms	Document text/html	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25 Security Headers Name Value X-Xss-Protection 0 Request headers Host sync.go.sonobi.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Date Tue, 24 Aug 2021 02:06:24 GMT Content-Type text/html Transfer-Encoding chunked Expires Sat, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, no-store, private P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Pragma no-cache Tcn Choice Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 X-Xss-Protection 0 Content-Encoding gzip Server sonobi-go Set-Cookie HAPLB5S=s579|YSRUI; path=/; domain=.go.sonobi.com
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 8FDD	3 KB 1 KB	58ms 58ms	Document text/html	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash 09a6d886e69a85dce6f0751d756934bd0caed4a67ee74e78724e202beee0ef8d Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2bb78272a859ca6 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US cookie OTP=EzP9y05RjPIkPXlyr4QoARRtFOoS18jFGedX4O3vqXU Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' set-cookie OTP=2WXYEQo4I7dreCYO3tHNCGFhg9exv_ar5mtwTtuQMlg; path=/; expires=Thu, 24 Aug 2023 02:06:24; domain=onetag-sys.com; SameSite=None; Secure content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 1161 strict-transport-security max-age=15552000
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame 3ABE Redirect Chain https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1	2 KB 3 KB	112ms 72ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash dee0a614af14fb63b5164cb9611d8d4ad4613668687ee7489264415d58069477 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://js-sec.indexww.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMPS=301; CMPRO=222; CMST=YSRUIGEkVCAA; CMID=YSRUIBXdlXrZnsMzm5SF0AAA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js-sec.indexww.com/ Response headers Server Apache Content-Type text/html Dropped-Udsids 230|45|241|39|130|111|195|13 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1883 Expires Tue, 24 Aug 2021 02:06:24 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT Connection keep-alive Set-Cookie CMID=YSRUIBXdlXrZnsMzm5SF0AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Aug 2022 02:06:24 GMT CMPS=301;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 22 Nov 2021 02:06:24 GMT CMPRO=222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 22 Nov 2021 02:06:24 GMT CMRUM3=0d6124542005a0&27612454200b40&e6612454202760&c36124542005a00&2d6124542005a0&6f6124542005a0&f16124542005a0&8261245420a8c0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Aug 2022 02:06:24 GMT Redirect headers Server Apache Content-Length 329 Content-Type text/html; charset=iso-8859-1 Location https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Expires Tue, 24 Aug 2021 02:06:24 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT Connection keep-alive Set-Cookie CMID=YSRUIBXdlXrZnsMzm5SF0AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 24 Aug 2022 02:06:24 GMT CMPS=301;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 22 Nov 2021 02:06:24 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 5CE9	0 733 B	49ms 49ms	Script text/html	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid da5d962b-7b52-4111-9cfa-d97628f0caa0 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame E07D	0 733 B	47ms 47ms	Script text/html	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:24 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 302f916d-5000-499b-99c5-29e0a6b290f1 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	45da6124-5420-4c00-a35b-9027e73fdd88 onetag-sys.com/sync/i,1/ Frame 8FDD Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D https://onetag-sys.com/sync/i,1/45da6124-5420-4c00-a35b-9027e73fdd88	0 290 B	58ms 58ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,1/45da6124-5420-4c00-a35b-9027e73fdd88 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server MT3 3865 cc0e612 master zrh-pixel-x1 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://onetag-sys.com/sync/i,1/45da6124-5420-4c00-a35b-9027e73fdd88 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 24 Aug 2021 02:06:23 GMT
GET H/1.1	204 No Content	sync.php pixel-eu.rubiconproject.com/exchange/ Frame 8FDD	0 239 B	123ms 52ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 6f9fd0201ed801884e5299d5aabca094 Content-Type image/gif
GET H2	204	/ onetag-sys.com/sync/i,19/ Frame 8FDD Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEHy6xTxykJjL6vHqndFrqkM&google_cver=1	0 287 B	58ms 58ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEHy6xTxykJjL6vHqndFrqkM&google_cver=1 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEHy6xTxykJjL6vHqndFrqkM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 298 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ onetag-sys.com/match/ Frame 8FDD Redirect Chain https://ups.analytics.yahoo.com/ups/58488/occ https://ups.analytics.yahoo.com/ups/58488/occ?verify=true https://onetag-sys.com/match/?int_id=92&uid=y-VJlfLBpE2uFzl4.m3QQzNbkQN2.SwwCZoEcMXck-~A	0 291 B	58ms 58ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=92&uid=y-VJlfLBpE2uFzl4.m3QQzNbkQN2.SwwCZoEcMXck-~A Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Tue, 24 Aug 2021 02:06:24 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://onetag-sys.com/match/?int_id=92&uid=y-VJlfLBpE2uFzl4.m3QQzNbkQN2.SwwCZoEcMXck-~A Connection keep-alive Content-Length 0
GET H2	200	/ onetag-sys.com/sync/i,29/ Frame 8FDD Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= https://onetag-sys.com/sync/i,29/?tdid=d6074ec5-2c2d-45a5-8554-25075d0d996f&ttl=1632362784	43 B 379 B	58ms 58ms	Image image/gif	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,29/?tdid=d6074ec5-2c2d-45a5-8554-25075d0d996f&ttl=1632362784 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 content-encoding gzip cache-control no-cache, no-transform content-length 64 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://onetag-sys.com/sync/i,29/?tdid=d6074ec5-2c2d-45a5-8554-25075d0d996f&ttl=1632362784 cache-control private,no-cache, must-revalidate content-type text/html content-length 211
GET H2	200	/ onetag-sys.com/match/ Frame 8FDD Redirect Chain https://x.bidswitch.net/sync?ssp=onetag https://x.bidswitch.net/ul_cb/sync?ssp=onetag https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7... https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7... https://x.bidswitch.net/sync?dsp_id=429&user_id=66c31d32-a1d2-52ec-9fc5-f5ccfee1a1ec&ssp=onetag&expires=30&user_group=1 https://onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy=	0 291 B	58ms 57ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy= Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers location //onetag-sys.com/match/?int_id=30&uid=0e33aa42-e880-4cf8-924d-fda8ef6f43d2&gdpr=&gdpr_consent=&us_privacy= date Tue, 24 Aug 2021 02:06:25 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	8808293369395702241 onetag-sys.com/sync/i,34/ Frame 8FDD Redirect Chain https://dmp.adform.net/serving/cookie/match?party=1167&cid=EzP9y05RjPIkPXlyr4QoARRtFOoS18jFGedX4O3vqXU https://onetag-sys.com/sync/i,34/8808293369395702241	0 290 B	58ms 58ms	Image text/plain	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,34/8808293369395702241 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT server nginx location https://onetag-sys.com/sync/i,34/8808293369395702241 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 8FDD	0 239 B	121ms 50ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=EzP9y05RjPIkPXlyr4QoARRtFOoS18jFGedX4O3vqXU Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost a66cbf3142c6ef39e3614b84a34262cf Content-Type image/gif
GET H2	204	sync pixel.advertising.com/ups/58198/ Frame 8FDD	0 124 B	50ms 49ms	Image text/plain	18.184.95.242 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.184.95.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-184-95-242.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	setuid sync.quantumdex.io/ Frame 8FDD	43 B 329 B	138ms 138ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=onetag&uid=EzP9y05RjPIkPXlyr4QoARRtFOoS18jFGedX4O3vqXU Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKCwiHZJVaM8CS3w%2FHZZX%2FUMzB%2B4wRwZWyinH5ZiJMgC3HEVu6MDube9Es39mT304pCt6NzmwRai5aApJgusy6%2BnOrckl%2FqkDfywQdyXvyeSfe3d3P5OQucujt7KN2OYdUFoyvEBd6k3eJB9J0z7iw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6839056c49424e5b-FRA content-length 43
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	35ms 35ms	Image image/gif	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629770784305.2786&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcloudyarch601&t=479&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.24389634582308073 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Tue, 24 Aug 2021 02:06:24 GMT srvf 95.217.114.174 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	35ms 35ms	Image image/gif	95.217.114.174 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1629770784305.2786&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcloudyarch601&t=479&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.8289823490906298 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS ap10.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Tue, 24 Aug 2021 02:06:24 GMT srvf 95.217.114.174 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 44AD	0 42 B	1205ms 60ms	Script text/plain	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74492753&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:24 GMT content-length 0
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame CDA8	70 B 264 B	162ms 161ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YSRUIBXdlXrZnsMzm5SFzQAA&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 24 Aug 2021 02:06:25 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame CDA8 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SFzQAAAN4AAAAB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SFzQAAAN4AAAAB&dcc=t	43 B 645 B	247ms 123ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SFzQAAAN4AAAAB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 7B5BFNG33AH9T4RWTK72 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid QPR8XK95XPXMVDC3QY70 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SFzQAAAN4AAAAB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame CDA8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSRUIBXdlXrZnsMzm5SFzQAAAN4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFuBPcUXfRVrLuk3QoYuFwk&google_cver=1	43 B 315 B	66ms 66ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFuBPcUXfRVrLuk3QoYuFwk&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Tue, 24 Aug 2021 02:06:25 GMT Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFuBPcUXfRVrLuk3QoYuFwk&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame CDA8 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSRUIBXdlXrZnsMzm5SFzQAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRZLwOSP6IJWtNDqAdl8FA&google_cver=1&gdpr=1	43 B 998 B	69ms 68ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRZLwOSP6IJWtNDqAdl8FA&google_cver=1&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 24 Aug 2021 02:06:25 GMT Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:25 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRZLwOSP6IJWtNDqAdl8FA&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ix ad4m.at/ad/sim/ Frame CDA8	0 0	32ms 15ms	Image text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad4m.at/ad/sim/ix?gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame CDA8 Redirect Chain https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=	43 B 315 B	65ms 64ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Tue, 24 Aug 2021 02:06:25 GMT Redirect headers date Tue, 24 Aug 2021 02:06:25 GMT server nginx access-control-allow-origin * transfer-encoding chunked access-control-allow-methods POST, GET, OPTIONS p3p CP="NOI DEV OUR BUS UNI" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id= cache-control no-cache content-type text/html; charset=UTF-8 access-control-allow-headers Origin keep-alive timeout=10
GET H/1.1	400 Request failed due to privacy signals	getuid secure.adnxs.com/ Frame CDA8	0 0	1400ms 48ms	Image text/html	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame CDA8 Redirect Chain https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-54a9040b-c96b-4440-9ff6-7288be0a95eb	43 B 1 KB	68ms 67ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-54a9040b-c96b-4440-9ff6-7288be0a95eb Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:26 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 24 Aug 2021 02:06:26 GMT Redirect headers location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-54a9040b-c96b-4440-9ff6-7288be0a95eb date Tue, 24 Aug 2021 02:06:26 GMT server Apache-Coyote/1.1 content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame CDA8	43 B 351 B	132ms 131ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=ix&uid=YSRUIBXdlXrZnsMzm5SFzQAAAN4AAAAB Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 02:06:25 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDNNex5nwKBRVL7TYt0esoOIvvz5Ceymzpn1hZ4Hnrlnt%2Fi2goGyI2m8rP2xLeTKvtbvGmr6jTFgM%2BBrWzru8VbpKRLVIEDI0iHIYkScTg2lPnLl%2B%2Fqr4dy9V3FIf08iJuIZG7q%2BR8YxkTFJUpb8vQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6839056deb0d4e5b-FRA content-length 43
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame 3ABE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSRUIBXdlXrZnsMzm5SF0AAAAN4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFuBPcUXfRVrLuk3QoYuFwk&google_cver=1	43 B 315 B	65ms 65ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFuBPcUXfRVrLuk3QoYuFwk&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Tue, 24 Aug 2021 02:06:25 GMT Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:25 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFuBPcUXfRVrLuk3QoYuFwk&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 3ABE Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSRUIBXdlXrZnsMzm5SF0AAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRZLwOSP6IJWtNDqAdl8FA&google_cver=1&gdpr=1	43 B 998 B	70ms 69ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRZLwOSP6IJWtNDqAdl8FA&google_cver=1&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 24 Aug 2021 02:06:25 GMT Redirect headers pragma no-cache date Tue, 24 Aug 2021 02:06:25 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRZLwOSP6IJWtNDqAdl8FA&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 3ABE Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SF0AAAAN4AAAAB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SF0AAAAN4AAAAB&dcc=t	43 B 645 B	242ms 124ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SF0AAAAN4AAAAB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid AF8V3Q4WZ47QC1GQHA23 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 04WPCEP8AEFERR0CQ0F8 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSRUIBXdlXrZnsMzm5SF0AAAAN4AAAAB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 3ABE	70 B 264 B	70ms 68ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YSRUIBXdlXrZnsMzm5SF0AAA&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 24 Aug 2021 02:06:25 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 3ABE Redirect Chain https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABS_k7CSKgAACTALuSksg&expiration=1630980388&gdpr=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABS_k7CSKgAACTALuSksg&expiration=1630980388&gdpr=1&C=1	43 B 1007 B	87ms 87ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABS_k7CSKgAACTALuSksg&expiration=1630980388&gdpr=1&C=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:28 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 24 Aug 2021 02:06:28 GMT Redirect headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:28 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABS_k7CSKgAACTALuSksg&expiration=1630980388&gdpr=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 324 Expires Tue, 24 Aug 2021 02:06:28 GMT
GET H2	403	match c1.adform.net/serving/cookie/ Frame 3ABE	0 330 B	39ms 36ms	Image text/plain	37.157.4.25 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 24 Aug 2021 02:06:24 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 3ABE Redirect Chain https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2c422ca0-d9f5-40c6-ba31-a167fcd43653	43 B 1 KB	67ms 67ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2c422ca0-d9f5-40c6-ba31-a167fcd43653 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:26 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 24 Aug 2021 02:06:26 GMT Redirect headers location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2c422ca0-d9f5-40c6-ba31-a167fcd43653 date Tue, 24 Aug 2021 02:06:26 GMT server Apache-Coyote/1.1 content-length 0
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 3ABE Redirect Chain https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a022040095a4e1940600c4&expiration=[EXPIRATION]&gdpr=1	43 B 1 KB	67ms 67ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a022040095a4e1940600c4&expiration=[EXPIRATION]&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:26 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 24 Aug 2021 02:06:26 GMT Redirect headers Location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a022040095a4e1940600c4&expiration=[EXPIRATION]&gdpr=1 Date Tue, 24 Aug 2021 02:06:26 GMT Access-Control-Allow-Credentials true X-Powered-By Express Content-Length 0 Vary Origin
GET H/1.1	200 OK	htw-pixel.gif js-sec.indexww.com/ht/ Frame 3ABE	43 B 425 B	54ms 53ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://js-sec.indexww.com/ht/htw-pixel.gif?YSRUIBXdlXrZnsMzm5SF0AAA%26222 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 24 Aug 2021 02:06:25 GMT Last-Modified Tue, 24 Jan 2017 19:36:04 GMT Server Apache ETag "902a3d-2b-546dc3a097100" P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=1937 Connection keep-alive Accept-Ranges bytes Content-Type image/gif Content-Length 43 Expires Tue, 24 Aug 2021 02:38:42 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	176ms 90ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=538969228&page-url=https%3A%2F%2Fask.fm%2Fcloudyarch601&rn=235629162&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629770785%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210824040625%3Au%3A1629770781782379249%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629770785 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 Aug 2021 02:06:25 GMT last-modified Tue, 24-Aug-2021 02:06:25 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 24-Aug-2021 02:06:25 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 5CE9	0 733 B	47ms 47ms	Script text/html	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 834bcdb4-543d-4f9e-94f8-37e496bbbc5b Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame E07D	0 733 B	49ms 49ms	Script text/html	185.33.221.15 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 Aug 2021 02:06:25 GMT X-Proxy-Origin 185.236.42.214; 185.236.42.214; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 51f1be03-7075-4253-9954-844472a54e53 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT