urlscan.io logo urlscan.io
SecurityTrails logo

ref.ask.fm Open in urlscan Pro
193.138.77.140  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ask.fm/home/app/promo/android?utm_medium=conversion_button_android_default_87
Effective URL: https://ref.ask.fm/apps?source_caller=ui&utm_source=internal&shortlink=app&utm_medium=conversion_button_android_def...
Submission: On May 10 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 193.138.77.140, located in Latvia and belongs to ASK-FM, US. The main domain is ref.ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on October 18th 2022. Valid for: a year.
This is the only time ref.ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 193.138.77.142 395754 (ASK-FM)
1 1 65.9.86.108 16509 (AMAZON-02)
1 193.138.77.140 395754 (ASK-FM)
1 2
Apex Domain
Subdomains		 Transfer
2 ask.fm
ask.fm — Cisco Umbrella Rank: 188464
ref.ask.fm
30 KB
1 onelink.me
askfm.onelink.me
406 B
1 2
Domain Requested by
1 ref.ask.fm
1 askfm.onelink.me 1 redirects
1 ask.fm 1 redirects
1 3

This site contains links to these domains. Also see Links.

Domain
stor.re
play.google.com
appgallery.huawei.com
Subject Issuer Validity Valid
*.ask.fm
AlphaSSL CA - SHA256 - G2		 2022-10-18 -
2023-11-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ref.ask.fm/apps?source_caller=ui&utm_source=internal&shortlink=app&utm_medium=conversion_button_android_default_87&pid=ASKfm%20Mobile%20Site
Frame ID: 0A5C7DEF3CD0485868C1088441FBF0F2
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Get our app!

Page URL History Show full URLs

  1. https://ask.fm/home/app/promo/android?utm_medium=conversion_button_android_default_87 HTTP 302
    https://askfm.onelink.me/FaQr/app?it=&utm_medium=conversion_button_android_default_87&utm_source=inte... HTTP 301
    https://ref.ask.fm/apps?source_caller=ui&utm_source=internal&shortlink=app&utm_medium=conversio... Page URL

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

28 kB
Transfer

48 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ask.fm/home/app/promo/android?utm_medium=conversion_button_android_default_87 HTTP 302
    https://askfm.onelink.me/FaQr/app?it=&utm_medium=conversion_button_android_default_87&utm_source=internal HTTP 301
    https://ref.ask.fm/apps?source_caller=ui&utm_source=internal&shortlink=app&utm_medium=conversion_button_android_default_87&pid=ASKfm%20Mobile%20Site Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request apps
ref.ask.fm/
Redirect Chain
  • https://ask.fm/home/app/promo/android?utm_medium=conversion_button_android_default_87
  • https://askfm.onelink.me/FaQr/app?it=&utm_medium=conversion_button_android_default_87&utm_source=internal
  • https://ref.ask.fm/apps?source_caller=ui&utm_source=internal&shortlink=app&utm_medium=conversion_button_android_default_87&pid=ASKfm%20Mobile%20Site
28 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ref.ask.fm/apps?source_caller=ui&utm_source=internal&shortlink=app&utm_medium=conversion_button_android_default_87&pid=ASKfm%20Mobile%20Site
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.138.77.140 , Latvia, ASN395754 (ASK-FM, US),
Reverse DNS
Software
/
Resource Hash
c39140faff9c0016aed48f81f467b77a83b58c71dc746f39b4ab28c5360d712a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Security-Policy
frame-ancestors 'self' https://askfm.adspirit.de
Content-Type
text/html
Strict-Transport-Security
max-age=63072000

Redirect headers

cache-control
no-cache, no-store
content-length
0
content-type
application/octet-stream
date
Wed, 10 May 2023 15:18:09 GMT
location
https://ref.ask.fm/apps?source_caller=ui&utm_source=internal&shortlink=app&utm_medium=conversion_button_android_default_87&pid=ASKfm Mobile Site
server
http-kit
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f2.cloudfront.net (CloudFront)
x-amz-cf-id
nAbLd5Ix6kUd3At09xvPbYtYPIgh4u8QpcYDYsUyfWblyY7Bls8Www==
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ac0759146c2f054e90e34478cfc66d62b2e87fb601e8e314966fb3a5b7c4cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9068f3a5779101c0ff927675cfaa9466d7312319729f48c4225411dbd3b4eb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
563deeef4159b236e32698b2138dc9e5eb06f0f19fcf8e9bd58d303332a94a79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c3db119d0cd691714937ebb1cde9cd8e031e6ad0e8334fb798de20d6b8583ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| ua string| query undefined| ref undefined| tll

5 Cookies

Domain/Path Name / Value
ask.fm/ Name: locale
Value: de
ask.fm/ Name: uuid
Value: f9c3e8f2-3963-4309-9cfc-48f580ee2fd1
ask.fm/ Name: promo
Value: off
ask.fm/ Name: country
Value: DE
ask.fm/ Name: _m_ask_fm_session
Value: TjhzZzNHa1RnVUFOR0dyVnR2NkgxNG1hc1pWbFpYemxMQ2MrZzJwRTFETDdoR2RKUXE3SnIzQkY2Q1JvV1hZVjdneG5VQkxnekh2eUFjcmw0ZGxPaUVXcTdUb1FINklXWUZFWFFZWWI4aXpWemtPNnFoSE5KUWxabklCMTNoL1YzS3phUUR1NGI2MnBqdGdmN3IrbFBnUFBSSHMrUm1ra09NbGxBUVJ3cWRJPS0tZjA5T1ZJcmFOOFIyTm93dVZtTXZFZz09--8fda06dc818d556ab9d0bf5c9a7678aa1f2aeca4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security max-age=63072000