ask.fm Open in urlscan Pro
193.138.77.145  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9349.q-us9D-15woP-XzyPlyjXj11N5y76yrAu0RO5aGUWPQeOFKzp3H6fXUn1wExMOIR.sJKgUMRfLyqsynMJKK-W_2E-Ees%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9349.JFsQjxbCq5TxmMsfqqur_lcNNoMT1btLvBOmbpFcgDAFoiK0v2nbFurKUuqoJPE-D1PkM1pvO4Xh4AHZv-TUnw%2C%2C.1bUiq3Z2OOwQ9YcnwbnkqQCzD5M%2C

Request Chain 15

• https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?rnd=0.32432753853034924&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fweaselslash035&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fweaselslash035&gdpr=0 HTTP 302
• https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.32432753853034924&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fweaselslash035&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fweaselslash035&gdpr=0

Request Chain 31

• https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?rnd=0.8026366992592753&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fweaselslash035&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fweaselslash035&gdpr=0 HTTP 302
• https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.8026366992592753&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fweaselslash035&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fweaselslash035&gdpr=0

Request Chain 36

• https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fweaselslash035&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A762422930652%3Ahid%3A313600713%3Az%3A120%3Ai%3A20210729110759%3Aet%3A1627549679%3Ac%3A1%3Arn%3A400356657%3Au%3A1627549679600225997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627549678427%3Ads%3A3%2C402%2C214%2C1%2C0%2C0%2C%2C93%2C91%2C%2C%2C%2C717%3Adsn%3A3%2C402%2C214%2C1%2C0%2C0%2C%2C95%2C91%2C%2C%2C%2C717%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627549680%3At%3Axfbxw12%20(%40weaselslash035)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm HTTP 302
• https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fweaselslash035&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A762422930652%3Ahid%3A313600713%3Az%3A120%3Ai%3A20210729110759%3Aet%3A1627549679%3Ac%3A1%3Arn%3A400356657%3Au%3A1627549679600225997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627549678427%3Ads%3A3%2C402%2C214%2C1%2C0%2C0%2C%2C93%2C91%2C%2C%2C%2C717%3Adsn%3A3%2C402%2C214%2C1%2C0%2C0%2C%2C95%2C91%2C%2C%2C%2C717%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627549680%3At%3Axfbxw12%20%28%40weaselslash035%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Request Chain 60

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=wWC8yXxlWE1IWW5JSW5SOExlbDl4OXdqTEhxVW5CWnpkQXBLdGFlSU1RMXVTS0Vya1hHV2RwVm5SbWtWS2RVb2UzdUlMQ2xLT2VzcE1MQU85c2d6dDJzR2dTbXpSdnpRaWRCcHhGVU9iWHlMRkVIdHJvbGdzSENTQjR1NmliOEVJeUw2R2NpV1ZZWi9KQUdiQUJjazg2Y0JJcSt4VG52Nyt0R2k0S25IVnhPaUxVcUhhOGdKdHB1eEZaWlBNdE1jZkh2QlZJbnhsYlIrUEx6TWUwaGFKY2w3VS81SWJtNFFjY0JpWjlselVQcTBZaXo2WTM1REVTd25LcDUxbzFLUEtoRmJSfA&cppv=2

Request Chain 84

• https://onetag-sys.com/usync/?tag=img HTTP 302
• https://x.bidswitch.net/sync?ssp=onetag HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
• https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=&gdpr_consent= HTTP 302
• https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=keDZvZG3j7mK5o27n-HEvpKw0LuK4Y2_xrfw4Ejo

Request Chain 85

• https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
• https://onetag-sys.com/sync/i,1/9b2e6102-6ff5-4500-ae8d-c0c3a3022be3

Request Chain 87

• https://dmp.adform.net/serving/cookie/match?party=1167&cid=SHHX90rWN4dtyTwatKx8RkdGafjF49ijj_MXAvq9lPg HTTP 302
• https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=SHHX90rWN4dtyTwatKx8RkdGafjF49ijj_MXAvq9lPg HTTP 302
• https://onetag-sys.com/sync/i,34/3308670224216991635

Request Chain 88

• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= HTTP 302
• https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEMPAuHwy3OMcXbRgQFwvCcg&google_cver=1

Request Chain 91

• https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
• https://onetag-sys.com/match/?int_id=92&uid=y-.CKmaO9E2uETM45Iicxqn0gPSMYU1PmLnsLbjNQ-~A

Request Chain 92

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
• https://onetag-sys.com/sync/i,29/?tdid=31a51baf-11ba-4a73-ab69-62c6dbf8a374&ttl=1630141686

Request Chain 93

• https://x.bidswitch.net/sync?ssp=onetag HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=2ad720ba-67ba-4237-909c-b5fde1f8f071 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=74&&user_id=180897071&expires=5&ssp=onetag HTTP 302
• https://onetag-sys.com/match/?int_id=30&uid=5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent=&us_privacy=

Request Chain 96

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6509760604848508901

Request Chain 97

• https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7ca2b2a0-f04c-11eb-821a-02407095623c HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7ca2b2a0-f04c-11eb-821a-02407095623c

Request Chain 98

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4582140318056015221

Request Chain 99

• https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=07e51f66-4336-46b9-a1c7-ad60aed8a3ee

Request Chain 100

• https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
• https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-92dba693-4fdf-41ad-bd13-6a3bffe64695

Request Chain 102

• https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-XIw5lKFE2uG9hVdkiwtBxG43qY7YPuPAlhIbPig-~A

Request Chain 103

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f25e20047498936deed2aa07

Request Chain 104

• https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
• https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=436c6529-1e93-448f-9bb9-7f6e9aa4588e

Request Chain 107

• https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 109

• https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 111

• https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
• https://onetag-sys.com/sync/i,1/11066102-6ff6-4400-8ec3-7ce9fc07ae09

Request Chain 113

• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= HTTP 302
• https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEIjZMcqO-MSWAfg_k8RyVO0&google_cver=1

Request Chain 115

• https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
• https://onetag-sys.com/match/?int_id=92&uid=y-XIw5lKFE2uG9hVdkiwtBxG43qY7YPuPAlhIbPig-~A

Request Chain 116

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
• https://onetag-sys.com/sync/i,29/?tdid=31a51baf-11ba-4a73-ab69-62c6dbf8a374&ttl=1630141686

Request Chain 117

• https://x.bidswitch.net/sync?ssp=onetag HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=onetag HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Donetag%26bsw_param%3D5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent= HTTP 302
• https://x.bidswitch.net/sync?dsp_id=80&user_id=11066102-6ff6-4400-8ec3-7ce9fc07ae09&expires=30&ssp=onetag&bsw_param=5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent= HTTP 302
• https://onetag-sys.com/match/?int_id=30&uid=5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent=&us_privacy=

Request Chain 118

• https://dmp.adform.net/serving/cookie/match?party=1167&cid=RlGbB_aH0yN8DU3RfVraLMnqUUDxRyPWbwt7hAs0Uqo HTTP 302
• https://onetag-sys.com/sync/i,34/3746615079215131060

Request Chain 122

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQJv9ppCOI1M6XSawYuf4gAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYZ33iPSWu-WuYoGrQaLZ0&google_cver=1&gdpr=1

Request Chain 124

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9ppCOI1M6XSawYuf4gAAB08AAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9ppCOI1M6XSawYuf4gAAB08AAAIB&dcc=t

Request Chain 125

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQJv9ppCOI1M6XSawYuf4gAAB08AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPv-9zoXO1oN2cApOdIybPA&google_cver=1

Request Chain 126

• https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=11066102-6ff6-4400-8ec3-7ce9fc07ae09&gdpr=1&gdpr_consent=

Request Chain 131

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9tUThmyOtc-fu5IhbwAAAU8AAAAB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9tUThmyOtc-fu5IhbwAAAU8AAAAB&dcc=t

Request Chain 132

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQJv9tUThmyOtc.fu5IhbwAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYZ33iPSWu-WuYoGrQaLZ0&google_cver=1&gdpr=1&google_hm=2

Request Chain 134

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQJv9tUThmyOtc-fu5IhbwAAAU8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPv-9zoXO1oN2cApOdIybPA&google_cver=1

Request Chain 137

• https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FcGizJGlT6p-qMSoKdzuCLnsKh0

Request Chain 138

• https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
• https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6808360881044549864&uid=Q6808360881044549864&ref=%2Feucm%2Fp%2Fcc HTTP 302
• https://px.owneriq.net/noop?ct=image%2Fgif

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set weaselslash035 Show response ask.fm/	16 KB 6 KB	620ms 214ms	Document text/html	193.138.77.145 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/weaselslash035 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.145 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash c8a2c69b4afd84ddc74ee3e5ee01c500ecfc2a1e51135c9b2293d7e84420c412 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host ask.fm Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Status 200 OK Cache-Control max-age=0, private, must-revalidate ETag W/"24383532ada72d26f71a92039fca3e2e" X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Date Thu, 29 Jul 2021 09:07:58 GMT Set-Cookie locale=en; path=/; expires=Fri, 29 Jul 2022 15:07:58 -0000 uuid=3c52bbc3-ac95-492b-ba4a-3f1f945ad626; path=/; expires=Fri, 29 Jul 2022 15:07:58 -0000; secure; HttpOnly country=SE; path=/; expires=Fri, 29 Jul 2022 15:07:58 -0000 traffic_source=organic; path=/; expires=Sat, 31 Jul 2021 09:07:58 -0000 _m_ask_fm_session=MVAyREZpVVE3aU95R1pSZ2RMR1JnYjZCKzZDMTdQYkFHM2JleXU5a0l5elEzZzNvZml4dSt2UDVLamxkS1NkbkYrUzg1VDFiWnhxVWFQME9mRWJHL2YydkEwZEthaGs1WDVBMnVETVZBWm5ERUxDZFF1cDNQcE9GKzBybCtoZVhIbTEvdjlaR2NodkJIcERLRVVoanV6MEI5c1dOYmtUR3RjMzBzcjB4NXBGcDBKNTZZN1Z4cm5kMVVwakdReUpNSFR4Q3lFd3VaRUFsdEdNbGpDalRucjVVaW85NThldE1ma0lCcWV0bTF5RjBIbjNPRWx0RXV6akQ5NUtFcUY5OS0tZGIyWUpVaStXWnNVTld3SXk4d3lwZz09--273a5d97aef56149c2564988a7f364df676725bb; path=/; expires=Sun, 01 Aug 2021 09:07:58 -0000; secure; HttpOnly Server Ask.FM Web Service Content-Encoding gzip Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000
GET H2	200	application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css d3r6ceqp4shltl.cloudfront.net/assets/	179 KB 39 KB	47ms 13ms	Stylesheet text/css	2600:9000:2190:8600:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash b2e5e4e5a81e4a15556e78fd0de89a86ac2208b717cf37fb823560be8c49f14b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Jul 2021 12:26:39 GMT content-encoding gzip age 765680 x-cache Hit from cloudfront access-control-max-age 3000 content-length 38947 access-control-allow-origin https://ask.fm last-modified Mon, 19 Jul 2021 12:08:27 GMT server Ask.FM Web Service etag "60f56b3b-9823" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type text/css via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 x-amz-cf-id p_hdDLwWkur170d7Z8nPOcx9j6xq3gFtdntTDFi4hV_vZcgjnqZPPQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Show response d3r6ceqp4shltl.cloudfront.net/assets/	215 KB 68 KB	57ms 24ms	Script application/javascript	2600:9000:2190:8600:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 13:38:20 GMT content-encoding gzip age 5599779 x-cache Hit from cloudfront access-control-max-age 3000 content-length 68515 access-control-allow-origin https://ask.fm last-modified Mon, 24 May 2021 13:24:40 GMT server Ask.FM Web Service etag "60aba918-10ba3" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type application/javascript via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 x-amz-cf-id yuFerSjHD4jj5A4H1XSl5kkAh71KfyB2d6iCWmEU9zun0M6XrDP1tQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png d3r6ceqp4shltl.cloudfront.net/assets/	24 KB 24 KB	13ms 13ms	Image image/png	2600:9000:2190:8600:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 12 Jun 2021 01:11:32 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) age 4089387 x-cache Hit from cloudfront access-control-max-age 3000 content-length 24239 last-modified Wed, 27 Sep 2017 12:11:28 GMT server Ask.FM Web Service etag "59cb9570-5eaf" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type image/png access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id zjc3J0_zMg8jsp1evwnA3OZzoKjnafplROxBn0NhabRh4dNcogSZWQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	house_banner_support_center-85ea197689891192f6f5ea6ceb68ad0ac922bde59f45262a122d44cbe00fd78f.png d3r6ceqp4shltl.cloudfront.net/assets/	26 KB 26 KB	12ms 12ms	Image image/png	2600:9000:2190:8600:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/house_banner_support_center-85ea197689891192f6f5ea6ceb68ad0ac922bde59f45262a122d44cbe00fd78f.png Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 85ea197689891192f6f5ea6ceb68ad0ac922bde59f45262a122d44cbe00fd78f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:14:42 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) age 13297997 x-cache Hit from cloudfront access-control-max-age 3000 content-length 26285 last-modified Wed, 25 Oct 2017 13:07:33 GMT server Ask.FM Web Service etag "59f08c95-66ad" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type image/png access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id uMoe49ebbFKcqgwlm4eiNxWat965-xuMVor3EVhhLxGlT8Bs8iBKxw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	225 KB 72 KB	134ms 44ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 3dfd608e10c0c68f9f571b7dd26bceb6bfd71e3253cb6bafeb559bbf1d01b46e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:07:59 GMT content-encoding br last-modified Wed, 28 Jul 2021 09:12:16 GMT etag "61011e70-11dc6" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 73158 expires Thu, 29 Jul 2021 10:07:59 GMT
GET H2	200	noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png d3r6ceqp4shltl.cloudfront.net/assets/	956 B 1 KB	12ms 12ms	Image image/png	2600:9000:2190:8600:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:15:13 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) age 13297966 x-cache Hit from cloudfront access-control-max-age 3000 content-length 956 last-modified Wed, 06 Sep 2017 12:36:34 GMT server Ask.FM Web Service etag "59afebd2-3bc" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type image/png access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id hHQksUyPk3sK2XrdyAdf9Yar2Y1CkH4lS534oOTDjxQeXml8EGiulA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	17 KB 18 KB	39ms 14ms	Font application/font-woff2	2600:9000:2190:8600:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Apr 2021 07:03:25 GMT via 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 7869874 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 17880 last-modified Thu, 29 Apr 2021 05:41:49 GMT server Ask.FM Web Service etag "608a471d-45d8" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id qbwfu-wcYGFaYTB4-5cm5r9PJ3JFxfG21Cb9SEJv4-QI0n-Ocvvy_w== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	25 KB 25 KB	39ms 14ms	Font application/font-woff2	2600:9000:2190:8600:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:14:43 GMT via 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 13297996 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 25400 last-modified Wed, 06 Sep 2017 12:36:34 GMT server Ask.FM Web Service etag "59afebd2-6338" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id ON81-oUXIsopIlbw7ATSRd6u_uWPr2QExCSVamatdzM-kymah9ZuNQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	51 KB 52 KB	47ms 22ms	Font application/font-woff2	2600:9000:2190:8600:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:14:43 GMT via 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 13297996 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 52204 last-modified Wed, 02 Aug 2017 08:00:22 GMT server Ask.FM Web Service etag "59818696-cbec" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id w--78czkuH3F4yD5MbHJszd-KnfsJxAtijkQ0guY5Zj2u_po744j-A== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	Cookie set 304 Show response ask.fm/ads/	5 KB 3 KB	149ms 149ms	XHR text/html	193.138.77.145 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/ads/304?login=weaselslash035 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.145 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 4568639e3f9868d44874d459bfa1aafc2ed0caeb1a81c9ec39d9af0fe5b64a26 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest Cookie locale=en; uuid=3c52bbc3-ac95-492b-ba4a-3f1f945ad626; country=SE; traffic_source=organic; _m_ask_fm_session=MVAyREZpVVE3aU95R1pSZ2RMR1JnYjZCKzZDMTdQYkFHM2JleXU5a0l5elEzZzNvZml4dSt2UDVLamxkS1NkbkYrUzg1VDFiWnhxVWFQME9mRWJHL2YydkEwZEthaGs1WDVBMnVETVZBWm5ERUxDZFF1cDNQcE9GKzBybCtoZVhIbTEvdjlaR2NodkJIcERLRVVoanV6MEI5c1dOYmtUR3RjMzBzcjB4NXBGcDBKNTZZN1Z4cm5kMVVwakdReUpNSFR4Q3lFd3VaRUFsdEdNbGpDalRucjVVaW85NThldE1ma0lCcWV0bTF5RjBIbjNPRWx0RXV6akQ5NUtFcUY5OS0tZGIyWUpVaStXWnNVTld3SXk4d3lwZz09--273a5d97aef56149c2564988a7f364df676725bb Connection keep-alive Referer https://ask.fm/weaselslash035 Accept */* Referer https://ask.fm/weaselslash035 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 29 Jul 2021 09:07:59 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Ask.FM Web Service ETag W/"a53e8ed3c14eb49681fce44ce670907d" X-Frame-Options SAMEORIGIN Content-Type text/html; charset=utf-8 Status 200 OK Set-Cookie locale=en; path=/; expires=Fri, 29 Jul 2022 15:07:59 -0000 _m_ask_fm_session=bzRTRUFEUW50a1dLUnovNTNld01vNkE5Tmw0Z1VlcEhidUVPRXMwTHdwQjRkQWR1YStUbENkcnU5bzc2K3hEaitZMXA4TERkZVdlS1Z2QmYzaVlxSlFKYzRIZlc2d0lGUjVLUGVSVmxLZ09vVFhBd29wWjgvK2JUZGdyMkpVMkhFVlVDRFIrMnQ1ZHdBQ2VKakUrRXBkeGRkeDZiQklvcjlrQ0JrZWI4cWQvK3E0cHFxa2NTbDBValdvdXNqTHEyNTkydEVkU201eFcxemVOOHQwcXl6QmJRZGxacUNFSVZNZXd4d2NBQmNqRjJpMEpSaVZrYnhpd1lRUkRWMU1mZy0tZ3hlL0VhM1JQQy8wT2JiNVNWVW8wQT09--34562877a74fc5b81de136fef4c93964fc331617; path=/; expires=Sun, 01 Aug 2021 09:07:59 -0000; secure; HttpOnly Cache-Control max-age=0, private, must-revalidate Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	Cookie set 404 Show response ask.fm/ads/	5 KB 3 KB	291ms 141ms	XHR text/html	193.138.77.145 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/ads/404?login=weaselslash035 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.145 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 42f60763bfa21d0c1d5fb1ddfb7befe4cc5056c2935c1a046fbf8e476848dd9c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest Cookie locale=en; uuid=3c52bbc3-ac95-492b-ba4a-3f1f945ad626; country=SE; traffic_source=organic; _m_ask_fm_session=MVAyREZpVVE3aU95R1pSZ2RMR1JnYjZCKzZDMTdQYkFHM2JleXU5a0l5elEzZzNvZml4dSt2UDVLamxkS1NkbkYrUzg1VDFiWnhxVWFQME9mRWJHL2YydkEwZEthaGs1WDVBMnVETVZBWm5ERUxDZFF1cDNQcE9GKzBybCtoZVhIbTEvdjlaR2NodkJIcERLRVVoanV6MEI5c1dOYmtUR3RjMzBzcjB4NXBGcDBKNTZZN1Z4cm5kMVVwakdReUpNSFR4Q3lFd3VaRUFsdEdNbGpDalRucjVVaW85NThldE1ma0lCcWV0bTF5RjBIbjNPRWx0RXV6akQ5NUtFcUY5OS0tZGIyWUpVaStXWnNVTld3SXk4d3lwZz09--273a5d97aef56149c2564988a7f364df676725bb Connection keep-alive Referer https://ask.fm/weaselslash035 Accept */* Referer https://ask.fm/weaselslash035 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 29 Jul 2021 09:07:59 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Ask.FM Web Service ETag W/"ec19f7d60e9a06a514b64e56157e129e" X-Frame-Options SAMEORIGIN Content-Type text/html; charset=utf-8 Status 200 OK Set-Cookie locale=en; path=/; expires=Fri, 29 Jul 2022 15:07:59 -0000 _m_ask_fm_session=bjA4cjE0L0Jxc2VhRjVEYlE4K3ozaDZzUXJnRkd3QVJZR2tqWkJyOHdBSEpjUXh0MVQ5T0hXZm1LWjZlZkIzVWxzaG9SZTBMdWQxdzdkdzZPR0FQZHA4Z0djSktINnJncHlPMHlDcXlSeDhEMThvYW1Hbzd5cFpiWlpSTmVPUVZpeUN0WVpzMExLWWppdENlWVBZYmZCajBuR3Qza3JkTUF6a1ZmVzd0dHVBeDYwajlCTXhPTlRUMkFBeUpwRnhxQXkvVWdYVzgrdGM0dzU2bDdlS2drR0UrVjhLa1lReEQ3Zkh5YklqMGx3eVh3a041ZzBhQy9hU2N1cndtaUg5Sy0tUVNXdGtDNEdDZ0szWkxDK25VTFpGdz09--db670203b43573be417b1bf8d72cc7b6baf0f86d; path=/; expires=Sun, 01 Aug 2021 09:07:59 -0000; secure; HttpOnly Cache-Control max-age=0, private, must-revalidate Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-XSS-Protection 1; mode=block
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9349.q-us9D-15woP-XzyPlyjXj11N5y76yrAu0RO5aGUWPQeOFKzp3H6fXUn1wExMOIR.sJKgUMRfLyqsynMJKK-W_2E-Ees%2C https://mc.yandex.com/sync_cookie_image_decide?token=9349.JFsQjxbCq5TxmMsfqqur_lcNNoMT1btLvBOmbpFcgDAFoiK0v2nbFurKUuqoJPE-D1PkM1pvO4Xh4AHZv-TUnw%2C%2C.1bUiq3Z2OOwQ9YcnwbnkqQCzD5M%2C	75 B 75 B	49ms 48ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9349.JFsQjxbCq5TxmMsfqqur_lcNNoMT1btLvBOmbpFcgDAFoiK0v2nbFurKUuqoJPE-D1PkM1pvO4Xh4AHZv-TUnw%2C%2C.1bUiq3Z2OOwQ9YcnwbnkqQCzD5M%2C Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:07:59 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9349.JFsQjxbCq5TxmMsfqqur_lcNNoMT1btLvBOmbpFcgDAFoiK0v2nbFurKUuqoJPE-D1PkM1pvO4Xh4AHZv-TUnw%2C%2C.1bUiq3Z2OOwQ9YcnwbnkqQCzD5M%2C date Thu, 29 Jul 2021 09:07:59 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	prebid_v3.27.0_adtarget.js Show response d2f6o1s2veeoj7.cloudfront.net/ Frame FA7D	294 KB 294 KB	34ms 8ms	Script application/javascript	2600:9000:20eb:3a00:7:6e4f:6cc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:3a00:7:6e4f:6cc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cee03da6372aac6087621b63d577c941c783700c781be1443a42b24626021c34 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 05:23:25 GMT via 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront) last-modified Wed, 20 Jan 2021 09:04:14 GMT server AmazonS3 age 13497 etag "43bed5597e2a691c101f2b9601b16c87" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 300872 x-amz-cf-id dS39KaCJtf4pNOvjSjPnaiPg44t49L-GeV0n7IoZEenCvL_hnH5PwA==
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 111 B	44ms 44ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:07:59 GMT last-modified Wed, 28 Jul 2021 09:12:16 GMT etag "61011e70-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Thu, 29 Jul 2021 10:07:59 GMT
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame FA7D	2 KB 1 KB	20ms 7ms	XHR application/json	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210729 Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3d47238831047212d85dc591b2a9a01bc08711e17d5ebe79b37b7802e44a358d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 21493 x-jsd-version 1.0.1052 x-cache HIT cross-origin-resource-policy cross-origin content-length 935 etag W/"6a0-F8dDGncfmuu3lsQhTn/Gjj9tlgk" x-served-by cache-fra19135-FRA x-jsd-version-type version date Thu, 29 Jul 2021 09:07:59 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	ROS Show response ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ Frame FA7D Redirect Chain https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?rnd=0.32432753853034924&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x3... https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.32432753853034924&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C...	63 B 378 B	52ms 51ms	XHR application/json	5.178.65.246 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.32432753853034924&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fweaselslash035&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fweaselslash035&gdpr=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS ads.us.e-planning.net Software openresty / Resource Hash 70a2f5c3a1ca60f0a3dad061683a7001433ed3275cc0648866a5535777980aab Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:07:59 GMT server openresty p3p policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" access-control-allow-origin https://ask.fm expires Thu, 29 Jul 2021 09:07:59 GMT cache-control max-age=0, no-cache access-control-allow-credentials true content-type application/json content-length 63 x-sid AMS-611 Redirect headers date Thu, 29 Jul 2021 09:07:59 GMT server openresty access-control-allow-origin https://ask.fm p3p policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" location /hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.32432753853034924&e=300x600_0%3A300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fweaselslash035&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fweaselslash035&gdpr=0 access-control-allow-credentials true content-type text/html; charset=iso-8859-1 x-sid AMS-611
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame FA7D	144 B 1 KB	189ms 80ms	XHR application/json	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash ab9ba6ee6e99b54d4c2b26c4e8a76a5add21894a647025912b6f4a410e67c5de Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:07:59 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid ac6c9b3f-cbef-4a40-abd8-b7a4761defb4 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 144 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	arj Show response askfm-usd-d.openx.net/w/1.0/ Frame FA7D	173 B 357 B	212ms 137ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://askfm-usd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fask.fm%2Fweaselslash035&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=895b62a9-a09d-43f7-8057-92ba9e14ecc5&nocache=1627549679536&gdpr=0&x_gdpr_f=1&aus=300x600%2C300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C320x568%2C250x360%2C300x300%2C250x600%2C320x320%2C320x250%2C300x150&divIds=desktop_300x600&auid=540567299 Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.211.0 / Resource Hash d38a6be264d5e523d2a75fb2e86c88d0d9910efcc4ef05d9ffbe1dc9bc5f1696 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:07:59 GMT content-encoding gzip server OXGW/16.211.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://ask.fm cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 165 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame FA7D	142 B 1 KB	184ms 76ms	XHR application/json	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash acc524779aae3246118f42556de3b666aa115c88b67a1a353594de441754461d Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:07:59 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 63740e97-7e46-410a-bf7c-b71d16aa4a65 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 142 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/ Frame FA7D	24 B 366 B	260ms 152ms	XHR application/json	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=388708&v=7.2&r=%7B%22id%22%3A%229648f355973698%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22336x228%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A228%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22320x568%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A568%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22250x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x300%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22250x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22320x320%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A320%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22320x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210b91962a4e3b97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x150%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fweaselslash035%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1 Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 80483b1ba1b4e190bbd2c2b5abc12d9bb0a4ea546182292da34136e1ebd576d6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:07:59 GMT content-encoding gzip x-ak-initial-geo CC:[SE], RC:[AB], CN:[EU], CIP:[185.236.42.29], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://ask.fm x-cs-client-geo 10 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 44 x-ak-client-geo 10 expires Thu, 29 Jul 2021 09:07:59 GMT
POST H/1.1	200 OK	/ Show response ad.mail.ru/hbid_prebid/ Frame FA7D	84 B 379 B	133ms 49ms	XHR application/json	2a00:1148:db00::17 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/hbid_prebid/ Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS Software nginx / Resource Hash 7cbe534ace49cd24ef35cef70460700ef164f65b6fe7c138b2dcbe4c25432a72 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Thu, 29 Jul 2021 09:07:59 GMT Server nginx Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin https://ask.fm Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/ Frame FA7D	975 B 2 KB	287ms 147ms	XHR application/json	185.86.138.121 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 73cb370810e50e8edf31a7490c1661c668c534f1de7138f98a35adaedf3785bb Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:07:59 GMT content-encoding br vary Accept-Encoding x-smrt-d 4%3b14%3b73 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin https://ask.fm cache-control no-cache,no-store access-control-allow-credentials true content-type application/json; charset=UTF-8 transfer-encoding chunked
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame FA7D	61 B 730 B	160ms 54ms	XHR application/json	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash efeab73559fcc6d5b9a958ecba36f1b35213cc443c218b0cdebd66fc906f3f78 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:07:59 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 4b46e74f-8e99-4862-82b6-a9be49c9c073 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 61 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	/ Show response ghb.console.adtarget.com.tr/v2/auction/ Frame FA7D	964 B 719 B	216ms 145ms	XHR application/json	2a0c:5c81:5142::2 24SHELLS
General Check archive.org Show headers Download Go to Full URL https://ghb.console.adtarget.com.tr/v2/auction/ Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US), Reverse DNS Software VertaMedia 1.0 / Resource Hash 5a21db8868b490c98492a6443236ac76d21fc9dc8eb8d4facb3b01d781417044 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Thu, 29 Jul 2021 09:07:59 GMT Content-Encoding gzip Server VertaMedia 1.0 Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://ask.fm Access-Control-Allow-Credentials true Connection Keep-Alive Content-Length 438
POST H2	204	cdb Show response bidder.criteo.com/ Frame FA7D	0 179 B	177ms 59ms	XHR text/plain	178.250.0.165 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=87456239561 Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.par.vip.prod.criteo.com Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ask.fm date Thu, 29 Jul 2021 09:07:59 GMT access-control-allow-credentials true cross-origin-resource-policy cross-origin server Finatra timing-allow-origin * vary Origin
GET H2	200	prebid_v3.27.0_adtarget.js Show response d2f6o1s2veeoj7.cloudfront.net/ Frame 9754	294 KB 294 KB	7ms 6ms	Script application/javascript	2600:9000:20eb:3a00:7:6e4f:6cc0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:3a00:7:6e4f:6cc0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cee03da6372aac6087621b63d577c941c783700c781be1443a42b24626021c34 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 05:23:25 GMT via 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront) last-modified Wed, 20 Jan 2021 09:04:14 GMT server AmazonS3 age 13497 etag "43bed5597e2a691c101f2b9601b16c87" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 300872 x-amz-cf-id eHU7Fl2zfgMWqfbsT8_20zy7OlhgWPaGNDigO-5vvxAAgZ5yiiGo8Q==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 9754	2 KB 978 B	6ms 6ms	XHR application/json	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210729 Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3d47238831047212d85dc591b2a9a01bc08711e17d5ebe79b37b7802e44a358d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 21493 x-jsd-version 1.0.1052 x-cache HIT cross-origin-resource-policy cross-origin content-length 935 etag W/"6a0-F8dDGncfmuu3lsQhTn/Gjj9tlgk" x-served-by cache-fra19135-FRA x-jsd-version-type version date Thu, 29 Jul 2021 09:07:59 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
POST H/1.1	200 OK	/ Show response ad.mail.ru/hbid_prebid/ Frame 9754	85 B 380 B	147ms 64ms	XHR application/json	2a00:1148:db00::17 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/hbid_prebid/ Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS Software nginx / Resource Hash 187b5a1ba01576cdb0e3a809715c7d38b255ff9aca5812c1e086deb861b6285c Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Thu, 29 Jul 2021 09:07:59 GMT Server nginx Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin https://ask.fm Cache-Control private, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive
POST H/1.1	200 OK	/ Show response ghb.console.adtarget.com.tr/v2/auction/ Frame 9754	963 B 716 B	174ms 118ms	XHR application/json	2a0c:5c81:5142::2 24SHELLS
General Check archive.org Show headers Download Go to Full URL https://ghb.console.adtarget.com.tr/v2/auction/ Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US), Reverse DNS Software VertaMedia 1.0 / Resource Hash b8bfbc422dddc128e361cd93990c9f05f51412f684820646a5879bbfc17d2645 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Thu, 29 Jul 2021 09:07:59 GMT Content-Encoding gzip Server VertaMedia 1.0 Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://ask.fm Access-Control-Allow-Credentials true Connection Keep-Alive Content-Length 435
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 9754	143 B 1 KB	168ms 68ms	XHR application/json	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash fb32ff13814dc4f0787262c772c1b66794afa3d3c96faa50fbf9c550c640b27a Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:07:59 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 2bcde1f4-961f-4019-bd72-e80946523497 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 143 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/ Frame 9754	24 B 366 B	214ms 159ms	XHR application/json	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=388708&v=7.2&r=%7B%22id%22%3A%227ffada5f98444f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22819c266ee379f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22819c266ee379f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22819c266ee379f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22336x228%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A228%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22819c266ee379f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22819c266ee379f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22200x200%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22819c266ee379f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22250x360%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22819c266ee379f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x300%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22819c266ee379f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22320x320%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A320%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22819c266ee379f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22320x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22819c266ee379f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22388708%22%2C%22sid%22%3A%22300x150%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fweaselslash035%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1 Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a18999d9aedf52cae519ea79ad88123fb20b5e5c71d42a54213a21f6a5baf70d Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:07:59 GMT content-encoding gzip x-ak-initial-geo CC:[SE], RC:[AB], CN:[EU], CIP:[185.236.42.29], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://ask.fm x-cs-client-geo 10 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 44 x-ak-client-geo 10 expires Thu, 29 Jul 2021 09:07:59 GMT
GET H2	200	ROS Show response ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ Frame 9754 Redirect Chain https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?rnd=0.8026366992592753&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=https... https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.8026366992592753&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=...	63 B 378 B	52ms 52ms	XHR application/json	5.178.65.246 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://ads.us.e-planning.net/hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.8026366992592753&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fweaselslash035&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fweaselslash035&gdpr=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL), Reverse DNS ads.us.e-planning.net Software openresty / Resource Hash 17445010722e6593b37225b9bf90556c95ff748dcbbe2822d22253c7dad6d383 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:07:59 GMT server openresty p3p policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" access-control-allow-origin https://ask.fm expires Thu, 29 Jul 2021 09:07:59 GMT cache-control max-age=0, no-cache access-control-allow-credentials true content-type application/json content-length 63 x-sid AMS-611 Redirect headers date Thu, 29 Jul 2021 09:07:59 GMT server openresty access-control-allow-origin https://ask.fm p3p policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" location /hb/1/2d2b8/1/ask.fm/ROS?ct=1&rnd=0.8026366992592753&e=300x250_0%3A300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&ur=https%3A%2F%2Fask.fm%2Fweaselslash035&r=pbjs&pbv=3.27.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fask.fm%2Fweaselslash035&gdpr=0 access-control-allow-credentials true content-type text/html; charset=iso-8859-1 x-sid AMS-611
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 9754	61 B 730 B	150ms 51ms	XHR application/json	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash efeab73559fcc6d5b9a958ecba36f1b35213cc443c218b0cdebd66fc906f3f78 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:07:59 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid d49ce3ba-406c-497a-aaff-0e0e99dd737e Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 61 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	arj Show response askfm-usd-d.openx.net/w/1.0/ Frame 9754	173 B 556 B	139ms 119ms	XHR application/json	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://askfm-usd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fask.fm%2Fweaselslash035&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=d1646216-0da0-4d32-8f58-c40057d52c0a&nocache=1627549679592&gdpr=0&x_gdpr_f=1&aus=300x250%2C336x280%2C336x228%2C250x250%2C200x200%2C250x360%2C300x300%2C320x320%2C320x250%2C300x150&divIds=infeed_desktop_4&auid=540567300 Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.211.0 / Resource Hash 5b7003d5bc99733f389ebfbbcdb13843481efb13c36533ab10add36ffe3c5d03 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:07:59 GMT content-encoding gzip server OXGW/16.211.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://ask.fm cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 165 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 9754	145 B 1 KB	175ms 75ms	XHR application/json	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash b000a95b9555fcef852c9d660bc5a910605031672e418673fb3c4807d3370d58 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:07:59 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 8bc838d3-71f4-44a2-87ac-7f5e6473706d Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 145 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/ Frame 9754	895 B 2 KB	238ms 100ms	XHR application/json	185.86.138.121 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash da1ab7844f0890a870af854e017b5c43cc61ef2eb6d468da66c7901cff034d87 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:07:58 GMT content-encoding br vary Accept-Encoding x-smrt-d 4%3b12%3b94 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin https://ask.fm cache-control no-cache,no-store access-control-allow-credentials true content-type application/json; charset=UTF-8 transfer-encoding chunked
GET H2	200	1 Show response mc.yandex.com/watch/48953915/ Redirect Chain https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fweaselslash035&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3... https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fweaselslash035&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8...	368 B 450 B	45ms 44ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fweaselslash035&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A762422930652%3Ahid%3A313600713%3Az%3A120%3Ai%3A20210729110759%3Aet%3A1627549679%3Ac%3A1%3Arn%3A400356657%3Au%3A1627549679600225997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627549678427%3Ads%3A3%2C402%2C214%2C1%2C0%2C0%2C%2C93%2C91%2C%2C%2C%2C717%3Adsn%3A3%2C402%2C214%2C1%2C0%2C0%2C%2C95%2C91%2C%2C%2C%2C717%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627549680%3At%3Axfbxw12%20%28%40weaselslash035%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash d0b52abc7fa60e63fe180e29c74d87ec18799ed05470dcb1bd2aa225ede0e6e9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jul 2021 09:07:59 GMT x-content-type-options nosniff last-modified Thu, 29-Jul-2021 09:07:59 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 368 x-xss-protection 1; mode=block expires Thu, 29-Jul-2021 09:07:59 GMT Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:07:59 GMT last-modified Thu, 29-Jul-2021 09:07:59 GMT location /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fweaselslash035&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A762422930652%3Ahid%3A313600713%3Az%3A120%3Ai%3A20210729110759%3Aet%3A1627549679%3Ac%3A1%3Arn%3A400356657%3Au%3A1627549679600225997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627549678427%3Ads%3A3%2C402%2C214%2C1%2C0%2C0%2C%2C93%2C91%2C%2C%2C%2C717%3Adsn%3A3%2C402%2C214%2C1%2C0%2C0%2C%2C95%2C91%2C%2C%2C%2C717%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627549680%3At%3Axfbxw12%20%28%40weaselslash035%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Thu, 29-Jul-2021 09:07:59 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1725079b9537b4422542879e8ccc0abd675ad29363196981b29402bb4c47eb5c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 JYKgEfMuUFQAhHgmZnrVlA== cross-origin-resource-policy cross-origin expires Thu, 29 Jul 2021 09:14:54 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1687 x-fb-rlafr 0 x-fb-debug 4fcUIWDJmid4nO3mCGt8cSTwHeT4EwlXbllj/lITaXYMxb2kn+3LcKGbE/e9ghhuL6awtD95Jy0/NPUIFUR96Q== x-fb-trip-id 686109401 x-fb-content-md5 1cd7d3e23b643c5a4362cd822edfa8b1 cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" date Thu, 29 Jul 2021 09:07:59 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "565de970e1180172f091f95ca9aa60f0" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	gtm.js Show response www.googletagmanager.com/	90 KB 36 KB	19ms 18ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e09d24ac58f323d843d1c0a52efa6f4e389c9c07ceeb0de1da040f1cfdf71b4d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:07:59 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36273 x-xss-protection 0 expires Thu, 29 Jul 2021 09:07:59 GMT
GET H2	200	3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response cmp.optad360.io/items/	2 B 361 B	48ms 12ms	Script application/javascript	2600:9000:2190:5600:6:b871:4f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:5600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 08:33:40 GMT via 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront) last-modified Wed, 28 Apr 2021 09:49:58 GMT server AmazonS3 age 2060 etag "99914b932bd37a50b983c5e7c90ae93b" x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 2 x-amz-cf-id 0uyihRe0678KKOTjPvMG7PRIOGgar4lOt8MF6qAoBmhvgDRaoyM_wA==
GET H2	200	plugin.min.js Show response get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/	274 KB 72 KB	32ms 6ms	Script application/javascript	2600:9000:21f3:3000:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:3000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f56ad273e0204eb8d21346d7116686e717353c0864546a4e66a72b581e594a75 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 08:47:06 GMT content-encoding gzip last-modified Mon, 05 Jul 2021 07:03:23 GMT server AmazonS3 age 1254 etag W/"5736885227fcd00664fbd8eea334a4cc" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront) cache-control public, max-age=3600 x-amz-cf-pop FRA2-C2 x-amz-cf-id zZwCfeBdlJ-G-3lY0R3TiJKDNlcRT0DtLosg6Xqf0RPPXEsR3IR20w==
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	227 KB 66 KB	8ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=e639bd39c766c3c64cbd76c9844e7606 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 151f9351ef7c3130f4ed86c7509b47dab51c897ac3bbbbd8af8b47eff5fecfd7 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 B7zLrsSdL/6v+U3nslXL+g== cross-origin-resource-policy cross-origin expires Fri, 29 Jul 2022 08:17:25 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 67617 x-fb-rlafr 0 x-fb-debug CBTakbU1FzOL0VN9j2lnJ0ehHXVeOhxAotJ6DiNJu5NBLH2mrkymNj+TrMEa/dZ6V1I0X21IAo6+Kxs3M+KDog== cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" x-fb-content-md5 ce44276e63dfbee030db6a70bd00940b cross-origin-opener-policy same-origin-allow-popups date Thu, 29 Jul 2021 09:07:59 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "438059f6c1a7eb551ba33b92829c1618" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	/ www.facebook.com/tr/	44 B 147 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fweaselslash035&rl=&if=false&ts=1627549679672&sw=1600&sh=1200&at= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:07:59 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Thu, 29 Jul 2021 09:07:59 GMT
GET H2	200	prebid4.39.0.js Show response get.optad360.io/sf/	492 KB 153 KB	7ms 6ms	Script application/javascript	2600:9000:21f3:3000:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/prebid4.39.0.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:3000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 27 Jun 2021 13:58:24 GMT content-encoding gzip last-modified Thu, 13 May 2021 10:44:35 GMT server AmazonS3 age 2747376 etag W/"e020700f5effdce1f4be56434553da72" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront) cache-control public, max-age=360000000 x-amz-cf-pop FRA2-C2 x-amz-cf-id 3GhULidnzSPbawYpyIuBhDmjkJzaVwnQAqkqr9diuro_CV0Ocxe4wg==
GET H/1.1	200 OK	adscript.php Show response askfm.adspirit.de/ Frame 05FE	3 KB 3 KB	317ms 111ms	Script text/javascript	85.215.2.53 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://askfm.adspirit.de/adscript.php?pid=24 Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS www.adspirit.sbs.stratoserver.net Software Apache / PHP/5.4.45 Resource Hash 5429d7e9457736b05755a7ddde4ab25fe6b773a8d9e265c8b37724f962d1e2d6 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:00 GMT last-modified Thu, 29 Jul 2021 09:08:00 GMT server Apache x-powered-by PHP/5.4.45 p3p policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate content-type text/javascript; charset=utf-8 content-length 3088 x-xss-protection 0 expires 0
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 978 B	6ms 6ms	XHR application/json	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210729 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3d47238831047212d85dc591b2a9a01bc08711e17d5ebe79b37b7802e44a358d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 21493 x-jsd-version 1.0.1052 x-cache HIT cross-origin-resource-policy cross-origin content-length 935 etag W/"6a0-F8dDGncfmuu3lsQhTn/Gjj9tlgk" x-served-by cache-fra19135-FRA x-jsd-version-type version date Thu, 29 Jul 2021 09:07:59 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	adasync.min.js Show response askfm.adspirit.de/ Frame 05FE	33 KB 33 KB	66ms 66ms	Script application/javascript	85.215.2.53 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://askfm.adspirit.de/adasync.min.js Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS www.adspirit.sbs.stratoserver.net Software Apache / Resource Hash 5cd46ce7d15699ba2a1acac132c2375e7848cb06ee16c8cabb65ef5252b4c846 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:00 GMT last-modified Fri, 21 May 2021 20:05:52 GMT server Apache accept-ranges bytes etag "825c-5c2dc9631e800" content-length 33372 content-type application/javascript
GET H/1.1	200 OK	adscript.php Show response askfm.adspirit.de/ Frame 05FE	291 B 737 B	114ms 113ms	Script text/javascript	85.215.2.53 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://askfm.adspirit.de/adscript.php?pid=24&wpcn=asmpvx1233101627549680&&ref=https%3A%2F%2Fask.fm%2Fweaselslash035&ptg=1&ptv=1&ptvaskfm_x26=&ptvaskfm_x30=&&gdpr=1&gdpr_consent= Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS www.adspirit.sbs.stratoserver.net Software Apache / Resource Hash ae78f62cfad2e88c5136451482a8a2eba3cfef2b6c23caeb427ca6113c2bf86c Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:00 GMT last-modified Thu, 29 Jul 2021 09:08:00 GMT server Apache p3p policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate content-type text/javascript; charset=utf-8 content-length 291 x-xss-protection 0 expires 0
GET H2	200	asm_pageview.min.js Show response cdn.adspirit.de/banner/ Frame 05FE	2 KB 1 KB	29ms 6ms	Script application/javascript	2a02:6ea0:c700::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.adspirit.de/banner/asm_pageview.min.js Requested by Host: askfm.adspirit.de URL: https://askfm.adspirit.de/adscript.php?pid=24&wpcn=asmpvx1233101627549680&&ref=https%3A%2F%2Fask.fm%2Fweaselslash035&ptg=1&ptv=1&ptvaskfm_x26=&ptvaskfm_x30=&&gdpr=1&gdpr_consent= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 9d33f1621ca6eca3c807b75f23aea2f847f1992d487cab0aeb732332af8fab46 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-pop frankfurtDE date Thu, 29 Jul 2021 09:08:00 GMT content-encoding gzip x-77-nzt-ray D4f67aUAg74= x-cache HIT x-age 70631 x-77-nzt AcO1ryyPQhDv5xMBAA== x-accel-expires @1627565449 last-modified Tue, 11 Jun 2019 08:31:43 GMT server CDN77-Turbo etag W/"3762381252" x-77-cache HIT access-control-allow-methods GET, POST, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=86400 access-control-allow-headers range expires Sat, 10 Apr 2021 13:28:53 GMT
GET H/1.1	200 OK	adpageview.php askfm.adspirit.de/ Frame 05FE	43 B 467 B	85ms 84ms	Image image/gif	85.215.2.53 STRATO STRATO AG
General Check archive.org Show headers Download Go to Show image Full URL https://askfm.adspirit.de/adpageview.php?&wsid=1&sid=1&sid2=0&sid3=0&gdpr_consent=&tz=1627549680513 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.215.2.53 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS www.adspirit.sbs.stratoserver.net Software Apache / Resource Hash 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:00 GMT last-modified Thu, 29 Jul 2021 09:08:00 GMT server Apache p3p policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate content-type image/gif content-length 43 x-xss-protection 0 expires 0
GET H/1.1	200 OK	Cookie set conversion Show response ask.fm/signup/	10 KB 4 KB	144ms 144ms	XHR text/html	193.138.77.145 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/signup/conversion Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.145 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 066ecc072a18190f622b0865e8c8055076231c3dc6d8e1a7f82267ec0b886075 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest Cookie locale=en; uuid=3c52bbc3-ac95-492b-ba4a-3f1f945ad626; country=SE; traffic_source=organic; _ym_uid=1627549679600225997; _ym_d=1627549679; _ym_isad=2; _m_ask_fm_session=bjA4cjE0L0Jxc2VhRjVEYlE4K3ozaDZzUXJnRkd3QVJZR2tqWkJyOHdBSEpjUXh0MVQ5T0hXZm1LWjZlZkIzVWxzaG9SZTBMdWQxdzdkdzZPR0FQZHA4Z0djSktINnJncHlPMHlDcXlSeDhEMThvYW1Hbzd5cFpiWlpSTmVPUVZpeUN0WVpzMExLWWppdENlWVBZYmZCajBuR3Qza3JkTUF6a1ZmVzd0dHVBeDYwajlCTXhPTlRUMkFBeUpwRnhxQXkvVWdYVzgrdGM0dzU2bDdlS2drR0UrVjhLa1lReEQ3Zkh5YklqMGx3eVh3a041ZzBhQy9hU2N1cndtaUg5Sy0tUVNXdGtDNEdDZ0szWkxDK25VTFpGdz09--db670203b43573be417b1bf8d72cc7b6baf0f86d; _ym_visorc=w Connection keep-alive Referer https://ask.fm/weaselslash035 Accept */* Referer https://ask.fm/weaselslash035 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 29 Jul 2021 09:08:01 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Ask.FM Web Service ETag W/"0d23037b8af353a187a02ae34254febd" X-Frame-Options SAMEORIGIN Content-Type text/html; charset=utf-8 Status 200 OK Set-Cookie locale=en; path=/; expires=Fri, 29 Jul 2022 15:08:01 -0000 tutm=utm_medium%3Dconversion_desktop_default_64; path=/; expires=Sat, 31 Jul 2021 09:08:01 -0000 _m_ask_fm_session=WHhram13TVhZeWFyZUZBaUZEMktLYkRrcm5rUkxrcWJMNDMrWU8wYmpkb0hCNkoxVmN0c3hFM3FaWVVVNkl4QnZHQlZmdGI2RlJndEJGNHN4ZnpKZk1UbFJvWkhWWnRmLzVuVmU1ZVZON3Vqa0xUUG50bjBkR0hoRHV4TmlWRHI4dkVVNUtocTdlMlBuaTVwMTBoVU9lNFYyRzNzSjk3MWpxNkxURlpuaks4bkJaVmRzZGR5RWc0Zm5QbFdHRDZVSHhzUVF2cWpNSWgyVTZRWTJlZys2blU0emMwZ2VxWlhabEhmcEhCQSs5RlBZRFYyOVNvRkpGWUREMUpuUHU4clUxRGdodmIyK1pBTWEvYUVQU3NpTGc9PS0tQXZGTkQzMVJzTldUQmgxaUZhZDF6UT09--2f162c65939b83c1a1d3fbcc6cf807bbd82d9c66; path=/; expires=Sun, 01 Aug 2021 09:08:01 -0000; secure; HttpOnly Cache-Control max-age=0, private, must-revalidate Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-XSS-Protection 1; mode=block
GET H2	200	button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png d3r6ceqp4shltl.cloudfront.net/assets/	2 KB 3 KB	13ms 13ms	Image image/png	2600:9000:2190:8600:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:15:05 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) age 13297975 x-cache Hit from cloudfront access-control-max-age 3000 content-length 2309 last-modified Wed, 28 Oct 2020 11:38:17 GMT server Ask.FM Web Service etag "5f995829-905" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type image/png access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id JbU3xG94JZokWPC_H3LUfHMy12QJq3ZQtSEcZmUi1yMv0n-_cO6Pzg== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png d3r6ceqp4shltl.cloudfront.net/assets/	3 KB 4 KB	13ms 13ms	Image image/png	2600:9000:2190:8600:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png Requested by Host: ask.fm URL: https://ask.fm/weaselslash035 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:8600:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:14:52 GMT via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) age 13297989 x-cache Hit from cloudfront access-control-max-age 3000 content-length 3404 last-modified Wed, 28 Oct 2020 11:38:17 GMT server Ask.FM Web Service etag "5f995829-d4c" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type image/png access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-amz-cf-id 4Hjtgf6WrCMwdijy-S5DZ8_saBqgAgtS3Ejkx-CST9CAozv0H183aA== expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 73 B	137ms 137ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=313600713&page-url=https%3A%2F%2Fask.fm%2Fweaselslash035&rn=1019145508&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627549682%3Aw%3A1600x1200%3Av%3A606%3Az%3A120%3Ai%3A20210729110802%3Au%3A1627549679600225997%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627549682 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:02 GMT last-modified Thu, 29-Jul-2021 09:08:02 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 29-Jul-2021 09:08:02 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	133ms 133ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=313600713&page-url=https%3A%2F%2Fask.fm%2Fweaselslash035&rn=687450395&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1627549682%3Aw%3A1600x1200%3Av%3A606%3Az%3A120%3Ai%3A20210729110802%3Au%3A1627549679600225997%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627549682 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:02 GMT last-modified Thu, 29-Jul-2021 09:08:02 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 29-Jul-2021 09:08:02 GMT
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame FA7D	83 KB 27 KB	53ms 25ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: d2f6o1s2veeoj7.cloudfront.net URL: https://d2f6o1s2veeoj7.cloudfront.net/prebid_v3.27.0_adtarget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:02 GMT content-encoding gzip last-modified Mon, 12 Jul 2021 10:59:58 GMT server nginx etag W/"60ec20ae-14aab" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 30 Jul 2021 09:08:02 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 49AB	291 B 724 B	48ms 17ms	Document text/html	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ask.fm Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority gum.criteo.com :scheme https :path /syncframe?origin=publishertag&topUrl=ask.fm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers cache-control private, max-age=0 content-type text/html; charset=utf-8 content-encoding gzip vary Accept-Encoding strict-transport-security max-age=31536000 cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp server-processing-duration-in-ticks 2069 set-cookie uid=03a27a25-86bf-44ab-99af-29c8839222c3; expires=Tue, 23 Aug 2022 09:08:02 GMT; domain=.criteo.com; path=/; secure; samesite=none date Thu, 29 Jul 2021 09:08:02 GMT content-length 321
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame FA7D	83 KB 27 KB	37ms 14ms	XHR text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 13be237d90d8262c74ae3985b06982b1b1c3d3c003b7ff093518e4bf944e9fd1 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:02 GMT content-encoding gzip last-modified Mon, 12 Jul 2021 10:59:58 GMT server nginx etag W/"60ec20ae-14aab" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 30 Jul 2021 09:08:02 GMT
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	35ms 12ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 Protocol H2 Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1138 date Thu, 29 Jul 2021 09:08:02 GMT content-encoding gzip vary Accept-Encoding
GET H2	200	optad360.js Show response serving.stat-rock.com/player/	304 KB 95 KB	311ms 78ms	Script application/javascript	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://serving.stat-rock.com/player/optad360.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:03 GMT content-encoding gzip last-modified Fri, 18 Jun 2021 08:28:33 GMT server nginx etag W/"60cc5931-4beb9" vary Accept-Encoding content-type application/javascript cache-control public, max-age=600
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 https://mug.criteo.com/sid?cpp=wWC8yXxlWE1IWW5JSW5SOExlbDl4OXdqTEhxVW5CWnpkQXBLdGFlSU1RMXVTS0Vya1hHV2RwVm5SbWtWS2RVb2UzdUlMQ2xLT2VzcE1MQU85c2d6dDJzR2dTbXpSdnpRaWRCcHhGVU9iWHlMRkVIdHJvbGdzSENTQjR1Nm...	414 B 655 B	182ms 62ms	XHR application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=wWC8yXxlWE1IWW5JSW5SOExlbDl4OXdqTEhxVW5CWnpkQXBLdGFlSU1RMXVTS0Vya1hHV2RwVm5SbWtWS2RVb2UzdUlMQ2xLT2VzcE1MQU85c2d6dDJzR2dTbXpSdnpRaWRCcHhGVU9iWHlMRkVIdHJvbGdzSENTQjR1NmliOEVJeUw2R2NpV1ZZWi9KQUdiQUJjazg2Y0JJcSt4VG52Nyt0R2k0S25IVnhPaUxVcUhhOGdKdHB1eEZaWlBNdE1jZkh2QlZJbnhsYlIrUEx6TWUwaGFKY2w3VS81SWJtNFFjY0JpWjlselVQcTBZaXo2WTM1REVTd25LcDUxbzFLUEtoRmJSfA&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 8df9118b3c428481cfb4e7174fe2865e02a40acb7a6871334c99bb8c5726e552 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Thu, 29 Jul 2021 09:08:02 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3699 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Thu, 29 Jul 2021 09:08:02 GMT location https://mug.criteo.com/sid?cpp=wWC8yXxlWE1IWW5JSW5SOExlbDl4OXdqTEhxVW5CWnpkQXBLdGFlSU1RMXVTS0Vya1hHV2RwVm5SbWtWS2RVb2UzdUlMQ2xLT2VzcE1MQU85c2d6dDJzR2dTbXpSdnpRaWRCcHhGVU9iWHlMRkVIdHJvbGdzSENTQjR1NmliOEVJeUw2R2NpV1ZZWi9KQUdiQUJjazg2Y0JJcSt4VG52Nyt0R2k0S25IVnhPaUxVcUhhOGdKdHB1eEZaWlBNdE1jZkh2QlZJbnhsYlIrUEx6TWUwaGFKY2w3VS81SWJtNFFjY0JpWjlselVQcTBZaXo2WTM1REVTd25LcDUxbzFLUEtoRmJSfA&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2156 content-length 509 expires 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	259 B 1 KB	91ms 90ms	XHR application/json	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 7e9342d3421a1f2ed237e9660d1f1dd05fed872b453628b602e3e2ddb00cce24 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:02 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 8f45ce27-fbb2-4b8a-82b3-c5f19e950e68 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 259 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 502 B	346ms 122ms	XHR application/json	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	260 B 1 KB	110ms 110ms	XHR application/json	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 07a72d40ed64087b9847857d644894c2630a2253805cc957edb46024e0aac7de Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:02 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid f86a4cb9-ca0c-42b8-97a0-45229aa229b5 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 260 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	v2 Show response i.connectad.io/api/	0 173 B	288ms 66ms	XHR text/plain	35.190.63.210 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://i.connectad.io/api/v2 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.63.210 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 210.63.190.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 29 Jul 2021 09:08:03 GMT via 1.1 google server nginx p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, private access-control-allow-credentials true alt-svc clear
POST H2	204	c Show response prebid.a-mo.net/a/	0 372 B	348ms 116ms	XHR text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ask.fm date Thu, 29 Jul 2021 09:08:02 GMT cache-control max-age=0, private, must-revalidate access-control-allow-credentials true server envoy x-envoy-upstream-service-time 1 vary origin, Accept-Encoding
POST H2	204	apacdex Show response useast.quantumdex.io/auction/	0 604 B	187ms 168ms	XHR text/plain	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://useast.quantumdex.io/auction/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Thu, 29 Jul 2021 09:08:03 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods POST, GET access-control-allow-origin https://ask.fm report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJVfCKNcKCFPjd%2F8fCZJPDBoBmppzWqPBZ2B99Lf4uLrP7nUEbx7BRCPRrIX1gH0XNvSvcd3bBsFsTbNj2z0TdtFZlUGQFYhDXAlymY1FS1t25%2FUbNGye%2FbbsI2s83eMnQH2sTQijXMts5USQ1RKLX1n"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6765334dcd7e05d0-FRA
GET H2	200	cygnus Show response htlb.casalemedia.com/	25 B 367 B	75ms 75ms	XHR application/json	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22162c68e4ba3c056%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fweaselslash035%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2217245f21a47b5ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2217245f21a47b5ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2217245f21a47b5ee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7dfa962806aadb8ca7c4367494393419a9ba3184cc8c54c8e9f287c7fd032242 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:02 GMT content-encoding gzip x-ak-initial-geo CC:[SE], RC:[AB], CN:[EU], CIP:[185.236.42.29], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://ask.fm x-cs-client-geo 10 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 45 x-ak-client-geo 10 expires Thu, 29 Jul 2021 09:08:02 GMT
GET H2	200	/ Show response adx.adform.net/adx/	10 B 449 B	239ms 162ms	XHR application/json	37.157.2.235 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTgxZDQ1NTk1LTY5NzYtNGUyZS1iZmQ1LWNkNmNmZWVhNDdjYyZyY3VyPVBMTg%3D%3D&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPTczOWZhYzUyLWRkZDgtNGUzMy04MTExLTAzM2MzMjYxMjdkZiZyY3VyPVBMTg%3D%3D&pt=gross&stid=1c1fcaf1-8080-4d56-87af-79a0ef466e50&gdpr=0&gdpr_consent=undefined&fd=1 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.235 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:03 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type application/json; charset=utf-8 access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With content-length 10 expires -1
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	237ms 60ms	Preflight application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=wWC8yXxlWE1IWW5JSW5SOExlbDl4OXdqTEhxVW5CWnpkQXBLdGFlSU1RMXVTS0Vya1hHV2RwVm5SbWtWS2RVb2UzdUlMQ2xLT2VzcE1MQU85c2d6dDJzR2dTbXpSdnpRaWRCcHhGVU9iWHlMRkVIdHJvbGdzSENTQjR1NmliOEVJeUw2R2NpV1ZZWi9KQUdiQUJjazg2Y0JJcSt4VG52Nyt0R2k0S25IVnhPaUxVcUhhOGdKdHB1eEZaWlBNdE1jZkh2QlZJbnhsYlIrUEx6TWUwaGFKY2w3VS81SWJtNFFjY0JpWjlselVQcTBZaXo2WTM1REVTd25LcDUxbzFLUEtoRmJSfA&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1047 date Thu, 29 Jul 2021 09:08:02 GMT content-encoding gzip vary Accept-Encoding
GET DATA	200 OK	truncated /	630 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	Cookie set weaselslash035 Show response ask.fm/	16 KB 6 KB	230ms 230ms	XHR text/html	193.138.77.145 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/weaselslash035 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.145 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash ae32ef84a9390b2f0d4b5b2995244ec64f90b9deb9a7e9835e0b7e93b48b289f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/weaselslash035 Cookie _pbjs_userid_consent_data=6683316680106290; cto_bidid=mkHrAF9YeUgxTE8wWDJmRjFsOXJSJTJCd0VpMGcyWjQ0cnRVWUFFZWp6VkM0QlJkcnVrbjRXWnRDd0xDdmRtalZCNzhVQ0p6cWhhOFBaOHJxSmU3RHd2SzRHUUJvZDJ4VyUyQml1eGNvbE9TS0JIOGJOQmclM0Q; cto_bundle=7KNpzF9Vckl6ZHdSc0t1WTN1cGZvdHlDWm1DJTJCYjh1JTJGaURCclU1ek9PNU0lMkY5VktuUjhxeFV2Z24yVXUlMkZlJTJCMlRRZTNvaGV1a0F1UWc2SXNGTllDQzNySDhFd1Q5bVJZTjhKVFBoQUI5bG1lNjZWSWslMkZnWnpZZGZYQTJEV1hwQkZlQms4anBuVWNjdG80azA1aDZHM05VSjJBc0ElM0QlM0Q Connection keep-alive Referer https://ask.fm/weaselslash035 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 29 Jul 2021 09:08:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Ask.FM Web Service ETag W/"83e3a4a7a08e2761f93a0605ba96d709" X-Frame-Options SAMEORIGIN Content-Type text/html; charset=utf-8 Status 200 OK Set-Cookie locale=en; path=/; expires=Fri, 29 Jul 2022 15:08:03 -0000 uuid=4d1e8b48-1c86-4d7b-9910-61cf646e5161; path=/; expires=Fri, 29 Jul 2022 15:08:03 -0000; secure; HttpOnly country=SE; path=/; expires=Fri, 29 Jul 2022 15:08:03 -0000 traffic_source=internal; path=/; expires=Sat, 31 Jul 2021 09:08:03 -0000 _m_ask_fm_session=OWJXcURxTXFRV2hvU0FVT0pSQUE3WUdGcmxSRG9iclE1RGlKaFZLM1N4UWRLNWt2WG92RDNpc3dnNDBQY3AveU9VZ0d6Y0xnNVFIZ1FhSXY2Q0ZqZXd6b2NMbDNPSmpqajA3YjFtR3E1S2FURDVKZ0hSYVp6eFF4Ukd0bGRMWEVlbEk1SGNwd0F4aG4yY1cwL2VDR251STFEK1VoTnlnSEV6RjN4MTM0Y0ZaT1dHaG8zcGtWU1g1blVtMmtCeUxkeklIT2NqN0REbVVMa29BR1RTWEJDVWg1aWJ0ZlYyblFTQ3ZLMWVtNGxibnl1eTJ6S2ovQnkyZi9TdXBVd1BpSC0tUTh2L1JhVXgzN1N6KzJjUmE4TkJvdz09--909f66256b893446de6f813fe14268cc204abfde; path=/; expires=Sun, 01 Aug 2021 09:08:03 -0000; secure; HttpOnly Cache-Control max-age=0, private, must-revalidate Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	155ms 50ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1627549683438.4658&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fweaselslash035&t=275&v=91&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.003088478408717732 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Thu, 29 Jul 2021 09:08:03 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 163 B	154ms 50ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1627549683438.4658&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fweaselslash035&t=281&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.8517783006869493 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Thu, 29 Jul 2021 09:08:03 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H/1.1	200 OK	Cookie set weaselslash035 Show response ask.fm/	16 KB 6 KB	199ms 198ms	XHR text/html	193.138.77.145 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/weaselslash035 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.145 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 0c94e7257256780ee8b89588bb311bf318e52d75ea19da4aacd31ff34b67b2eb Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/weaselslash035 Cookie locale=en; uuid=4d1e8b48-1c86-4d7b-9910-61cf646e5161; country=SE; traffic_source=internal; _m_ask_fm_session=OWJXcURxTXFRV2hvU0FVT0pSQUE3WUdGcmxSRG9iclE1RGlKaFZLM1N4UWRLNWt2WG92RDNpc3dnNDBQY3AveU9VZ0d6Y0xnNVFIZ1FhSXY2Q0ZqZXd6b2NMbDNPSmpqajA3YjFtR3E1S2FURDVKZ0hSYVp6eFF4Ukd0bGRMWEVlbEk1SGNwd0F4aG4yY1cwL2VDR251STFEK1VoTnlnSEV6RjN4MTM0Y0ZaT1dHaG8zcGtWU1g1blVtMmtCeUxkeklIT2NqN0REbVVMa29BR1RTWEJDVWg1aWJ0ZlYyblFTQ3ZLMWVtNGxibnl1eTJ6S2ovQnkyZi9TdXBVd1BpSC0tUTh2L1JhVXgzN1N6KzJjUmE4TkJvdz09--909f66256b893446de6f813fe14268cc204abfde Connection keep-alive Referer https://ask.fm/weaselslash035 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 29 Jul 2021 09:08:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Ask.FM Web Service ETag W/"70bfa7496650dced77893cc17bac45c3" X-Frame-Options SAMEORIGIN Content-Type text/html; charset=utf-8 Status 200 OK Set-Cookie locale=en; path=/; expires=Fri, 29 Jul 2022 15:08:03 -0000 _m_ask_fm_session=Q1VoY21udmdISDhEUXowcGNxdDlyWVRVWFRyYWNxcnBGSG5kRlVhZFlUL0Ryd29kL3BLQ1RscGNjNmtPdGxkS0dsaXBBclB0WlFPN0VvN1dqdFBWdTBQSFhUSkl5UHovbjc1LzVqcUJad2wyaDBsRVZla2tNZmVrb2QveXpJQVNycTZvOVkyY0UxYldNSlJIajFoTGlqbXp1cFByQmJ6cFVlanl0K2tmdXZGV01oNFRnZ0lsNmlNWVdCZ2pZRHlvYkJTMUdidEVBU2F6eGd4a2x2TVZKM2VkbmlHRjVqUUVpWnZDbXl5SktFSS9BUzJ0eFhqa29UcHpMQ3JEWWxuaC0tbkQ4cTRxSTNHMFk1SUxBL1RnSisrZz09--d6fcfda16647d6fc7fc34f4f571fada1c8a0fa41; path=/; expires=Sun, 01 Aug 2021 09:08:03 -0000; secure; HttpOnly Cache-Control max-age=0, private, must-revalidate Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	50ms 50ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1627549683438.4658&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fweaselslash035&t=515&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.08526625363674367 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Thu, 29 Jul 2021 09:08:03 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	51ms 51ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1627549683438.4658&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fweaselslash035&t=719&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.2595880597969007 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Thu, 29 Jul 2021 09:08:03 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	50ms 50ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1627549683438.4658&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fweaselslash035&t=719&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.6180512651788985 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Thu, 29 Jul 2021 09:08:03 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	131ms 44ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=313600713&page-url=https%3A%2F%2Fask.fm%2Fweaselslash035&rn=923136768&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627549684%3Aw%3A1600x1200%3Av%3A606%3Az%3A120%3Ai%3A20210729110804%3Au%3A1627549679600225997%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627549684 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:04 GMT last-modified Thu, 29-Jul-2021 09:08:04 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 29-Jul-2021 09:08:04 GMT
GET H2	200	apacdex Show response sync.quantumdex.io/usersync/ Frame 3AA4	3 KB 1 KB	143ms 141ms	Document text/html	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/usersync/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b403218bda7cfedc79f5d1dc3b9f6b1d9cc2d0a694a076b6e60c66c87f621027 Request headers :method GET :authority sync.quantumdex.io :scheme https :path /usersync/apacdex pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers date Thu, 29 Jul 2021 09:08:06 GMT content-type text/html set-cookie uid=3829718d-f117-4a63-b738-08557c1199f7; expires=Wed, 18 Aug 2021 09:08:06 GMT; domain=quantumdex.io; path=/; secure; SameSite=None cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=II18zMCboehU1zu99Sfj9xLVJR396VQro6l28LwXlkL5xrZ5kjJ0tgyIf11WUSLjsnoU0kghCnY7odbz8RMCNGgZEi1x1IVXdtuZ41OEbVgWu%2F7k%2BmLsLxQ2QwXCUzv2BfJ9phSJOmyE4HPt0crnnQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 67653362cc4305d0-FRA content-encoding br
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 71D4	3 KB 1 KB	63ms 63ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1627549683176 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash fabb87572501f2362d390d63cfb6010f072045931a2707685255ea0ea36a283b Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1627549683176 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' set-cookie OTP=SHHX90rWN4dtyTwatKx8RkdGafjF49ijj_MXAvq9lPg; path=/; expires=Sat, 29 Jul 2023 09:08:06; domain=onetag-sys.com; SameSite=None; Secure content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 1132 strict-transport-security max-age=15552000
GET H/1.1	200 OK	ixmatch.html Show response js-sec.indexww.com/um/ Frame 5CF5	2 KB 1 KB	172ms 64ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c Request headers Host js-sec.indexww.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Server Apache Last-Modified Thu, 11 Feb 2021 16:12:45 GMT ETag "e20015-90b-5bb11ca420f07" Accept-Ranges bytes P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Content-Encoding gzip Content-Length 1151 Date Thu, 29 Jul 2021 09:08:06 GMT Connection keep-alive
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 5C74	52 KB 17 KB	170ms 61ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.13.10 Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Wed, 21 Jul 2021 04:42:55 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Thu, 29 Jul 2021 09:08:06 GMT Age 15896 X-Served-By cache-lga13620-LGA, cache-fra19151-FRA X-Cache HIT, HIT X-Cache-Hits 2, 143614 X-Timer S1627549686.340316,VS0,VE0 Vary Accept-Encoding
GET H2	200	connectmyusers.php Show response cdn.connectad.io/ Frame 8A44	1 KB 944 B	113ms 97ms	Document text/html	2606:4700:10::6816:37ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.connectad.io/connectmyusers.php? Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60 Request headers :method GET :authority cdn.connectad.io :scheme https :path /connectmyusers.php? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers date Thu, 29 Jul 2021 09:08:06 GMT content-type text/html; charset=UTF-8 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 67653362da3d4345-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	sync x.bidswitch.net/ Redirect Chain https://onetag-sys.com/usync/?tag=img https://x.bidswitch.net/sync?ssp=onetag https://x.bidswitch.net/ul_cb/sync?ssp=onetag https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=&gdpr_consent= https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=keDZvZG3j7mK5o27n-HEvpKw0LuK4Y2_xrfw4Ejo	43 B 145 B	54ms 53ms	Image image/gif	18.198.142.61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=keDZvZG3j7mK5o27n-HEvpKw0LuK4Y2_xrfw4Ejo Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.198.142.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=keDZvZG3j7mK5o27n-HEvpKw0LuK4Y2_xrfw4Ejo cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	9b2e6102-6ff5-4500-ae8d-c0c3a3022be3 onetag-sys.com/sync/i,1/ Frame 71D4 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D https://onetag-sys.com/sync/i,1/9b2e6102-6ff5-4500-ae8d-c0c3a3022be3	0 290 B	63ms 63ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,1/9b2e6102-6ff5-4500-ae8d-c0c3a3022be3 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1627549683176 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Thu, 29 Jul 2021 09:08:06 GMT Server MT3 3810 5cb7d7e master zrh-pixel-x10 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://onetag-sys.com/sync/i,1/9b2e6102-6ff5-4500-ae8d-c0c3a3022be3 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Thu, 29 Jul 2021 09:08:05 GMT
GET H/1.1	204 No Content	sync.php pixel-eu.rubiconproject.com/exchange/ Frame 71D4	0 239 B	218ms 54ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1627549683176 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 704c1e4d3fcc922a3031d436b584678b Content-Type image/gif
GET H2	200	3308670224216991635 onetag-sys.com/sync/i,34/ Frame 71D4 Redirect Chain https://dmp.adform.net/serving/cookie/match?party=1167&cid=SHHX90rWN4dtyTwatKx8RkdGafjF49ijj_MXAvq9lPg https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=SHHX90rWN4dtyTwatKx8RkdGafjF49ijj_MXAvq9lPg https://onetag-sys.com/sync/i,34/3308670224216991635	0 290 B	71ms 69ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,34/3308670224216991635 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1627549683176 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT server nginx location https://onetag-sys.com/sync/i,34/3308670224216991635 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	204	/ onetag-sys.com/sync/i,19/ Frame 71D4 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEMPAuHwy3OMcXbRgQFwvCcg&google_cver=1	0 287 B	62ms 62ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEMPAuHwy3OMcXbRgQFwvCcg&google_cver=1 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1627549683176 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEMPAuHwy3OMcXbRgQFwvCcg&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 298 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 71D4	0 239 B	214ms 54ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=SHHX90rWN4dtyTwatKx8RkdGafjF49ijj_MXAvq9lPg Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1627549683176 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 6f9fd0201ed801884e5299d5aabca094 Content-Type image/gif
GET H2	204	sync pixel.advertising.com/ups/58198/ Frame 71D4	0 125 B	176ms 53ms	Image text/plain	18.159.140.98 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1627549683176 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.159.140.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	/ onetag-sys.com/match/ Frame 71D4 Redirect Chain https://ups.analytics.yahoo.com/ups/58488/occ https://ups.analytics.yahoo.com/ups/58488/occ?verify=true https://onetag-sys.com/match/?int_id=92&uid=y-.CKmaO9E2uETM45Iicxqn0gPSMYU1PmLnsLbjNQ-~A	0 291 B	62ms 62ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=92&uid=y-.CKmaO9E2uETM45Iicxqn0gPSMYU1PmLnsLbjNQ-~A Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1627549683176 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Thu, 29 Jul 2021 09:08:06 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://onetag-sys.com/match/?int_id=92&uid=y-.CKmaO9E2uETM45Iicxqn0gPSMYU1PmLnsLbjNQ-~A Connection keep-alive Content-Length 0
GET H2	200	/ onetag-sys.com/sync/i,29/ Frame 71D4 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= https://onetag-sys.com/sync/i,29/?tdid=31a51baf-11ba-4a73-ab69-62c6dbf8a374&ttl=1630141686	43 B 379 B	62ms 62ms	Image image/gif	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,29/?tdid=31a51baf-11ba-4a73-ab69-62c6dbf8a374&ttl=1630141686 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1627549683176 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 content-encoding gzip cache-control no-cache, no-transform content-length 64 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://onetag-sys.com/sync/i,29/?tdid=31a51baf-11ba-4a73-ab69-62c6dbf8a374&ttl=1630141686 cache-control private,no-cache, must-revalidate content-type text/html content-length 211
GET H2	200	/ onetag-sys.com/match/ Frame 71D4 Redirect Chain https://x.bidswitch.net/sync?ssp=onetag https://x.bidswitch.net/ul_cb/sync?ssp=onetag https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=onetag&ssp_user_id=2ad720ba-67ba-4237-909c-b5fde1f8f071 https://x.bidswitch.net/sync?dsp_id=74&&user_id=180897071&expires=5&ssp=onetag https://onetag-sys.com/match/?int_id=30&uid=5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent=&us_privacy=	0 291 B	63ms 62ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=30&uid=5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent=&us_privacy= Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1627549683176 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers location //onetag-sys.com/match/?int_id=30&uid=5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent=&us_privacy= date Thu, 29 Jul 2021 09:08:06 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	204	1 sync-eu.connectad.io/syncer/ Frame 873F	0 0	20ms 18ms	Document text/plain	2606:4700:10::6816:37ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync-eu.connectad.io/syncer/1 Requested by Host: cdn.connectad.io URL: https://cdn.connectad.io/connectmyusers.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority sync-eu.connectad.io :scheme https :path /syncer/1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://cdn.connectad.io/ accept-encoding gzip, deflate, br accept-language en-US cookie cadsync Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://cdn.connectad.io/ Response headers date Thu, 29 Jul 2021 09:08:06 GMT set-cookie id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None cache-control no-cache, private via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 676533638c1e4345-FRA
GET H2	204	pbsync usermatch.targeting.unrulymedia.com/ Frame 3AA4	0 50 B	165ms 55ms	Image text/plain	213.19.147.45 RHYTHMONE
General Check archive.org Show headers Download Go to Show image Full URL https://usermatch.targeting.unrulymedia.com/pbsync?rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US), Reverse DNS Software Tengine / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT server Tengine
GET H2	200	setuid sync.quantumdex.io/ Frame 3AA4 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6509760604848508901	43 B 330 B	141ms 140ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6509760604848508901 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FporjFaHiCmrHfM3oq8%2FYAd9fzyFgN%2B0W4yJVvTo1epiG8tZ0U6kMSab0jP96IcZyQafALADYGh9CD8XqTw40fhW%2F7wdGWtGEY0mmSBU24DKLrb46kCRZbQC%2Bc%2B4%2Fo4rl1CAUE4ZAqxlVUVEN6m7A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 676533644f8f05d0-FRA content-length 43 Redirect headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 04027e54-fd6c-4c43-b460-5b1568f6b75e Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=appnexus&uid=6509760604848508901 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 3AA4 Redirect Chain https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7ca2b2a0-f04c-11eb-821a-02407095623c https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7ca2b2a0-f04c-11eb-821a-02407095623c	43 B 469 B	134ms 134ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7ca2b2a0-f04c-11eb-821a-02407095623c Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dG9TLpi8LAKxW3A3yH82LpWPaPJpPNEb2fgbkDmIVXAOrR0qZ7jLticGpW3nTNwvmVeTGINb5Y%2F43b7SpkwJgWBDMJnvItMD8%2FJkCO6%2FjuJfC2NO2N%2F%2FqMfIFY6TSfXwS1Hf%2FGXzCVKTImyzVOi3iA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67653365395105d0-FRA content-length 43 Redirect headers Date Thu, 29 Jul 2021 09:08:06 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP7ca2b2a0-f04c-11eb-821a-02407095623c Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 3AA4 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4582140318056015221	43 B 333 B	126ms 123ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4582140318056015221 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ewr3Dy09%2FXo6v9bq8sznmkV7mwog398HQ%2B5F%2BASr9w4ElafsQBP1Hy46rTwEUG9iRhDVSW%2Btpk9bKPSI4fXV6cd3A%2F0%2FnLjy9NB8uRCgd9%2BlGsnKt8XA7rn2BS58%2BsQ1WghM4HzWKtMW0ARrrxGh%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 676533646fa905d0-FRA content-length 43 Redirect headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid b6d3e9a7-efe7-432d-841a-06f7e125313c Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4582140318056015221 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 3AA4 Redirect Chain https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=07e51f66-4336-46b9-a1c7-ad60aed8a3ee	43 B 323 B	132ms 131ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=07e51f66-4336-46b9-a1c7-ad60aed8a3ee Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxAMO57Lxphen2mV3Z01syf10mUaS%2Fg38ojb0wT5pIykAmtpNEDHqTum5GjBdBRfNLEq3zKpfP9xe00uihN4cw7sFJEcByobpcIGuj7V09NQX4opvdXRulyb9iPozWIMrMnafkwn0kDVMWw%2Ft%2BG2Kw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67653364c85005d0-FRA content-length 43 Redirect headers location https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=07e51f66-4336-46b9-a1c7-ad60aed8a3ee date Thu, 29 Jul 2021 09:08:06 GMT content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 3AA4 Redirect Chain https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-92dba693-4fdf-41ad-bd13-6a3bffe64695	43 B 333 B	122ms 122ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-92dba693-4fdf-41ad-bd13-6a3bffe64695 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hB%2B%2Bbk51OMXqGqIvR1VeGUFKLRJCq4F8CymYmqlVz%2BH6gaQUNQaZXEk0mgJTgrrV8MOFIbSRtjUM%2BfDQCCkggMcKwMk5s%2F2okLvgAxlfKXIt0YdWQo3pfxkN4YaTYJZH23TA03Di5SJsj%2Bz%2FP9DCCQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67653365fb0105d0-FRA content-length 43 Redirect headers location https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-92dba693-4fdf-41ad-bd13-6a3bffe64695 date Thu, 29 Jul 2021 09:08:06 GMT server Apache-Coyote/1.1 content-length 0
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame 3AA4	0 474 B	233ms 53ms	Image text/plain	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 3AA4 Redirect Chain https://ups.analytics.yahoo.com/ups/58424/occ https://ups.analytics.yahoo.com/ups/58424/occ?verify=true https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-XIw5lKFE2uG9hVdkiwtBxG43qY7YPuPAlhIbPig-~A	43 B 349 B	122ms 121ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-XIw5lKFE2uG9hVdkiwtBxG43qY7YPuPAlhIbPig-~A Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRXS1xMiupE53gAcKfphcBjWcTs7zD7Eqtujp0KhOZ4nekllJ83Ohmc7nAgvU%2Fq7ACtvnHmrLvLn2UYBy1pK68XY%2B0iPqcPj0rhuzrkZ7IDjoiHDmfcbKVpurA%2B9ROnQQPNprbZYXvMG%2FBhUkw2BHQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67653365596305d0-FRA content-length 43 Redirect headers Date Thu, 29 Jul 2021 09:08:06 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-XIw5lKFE2uG9hVdkiwtBxG43qY7YPuPAlhIbPig-~A Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 3AA4 Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f25e20047498936deed2aa07	43 B 329 B	122ms 122ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f25e20047498936deed2aa07 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLkSYsCG5jXz9cN1s70IFSskYqe0FKQCQL3E9mNLyQxPRqCrlWmerTYC6yVcQ57YtcEO%2BqrZlhHiR%2BgHBDx6leJe4yFR5%2BC5AfHcfj23Uu08WEmtzybTpjzBcM6D01%2FGIREpu2Zr63%2BfmFFTWhMxLw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67653365290605d0-FRA content-length 43 Redirect headers Date Thu, 29 Jul 2021 09:08:06 GMT Server nginx Location https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f25e20047498936deed2aa07 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 3AA4 Redirect Chain https://ms.quantumdex.io/user/sync/quantumdex https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=436c6529-1e93-448f-9bb9-7f6e9aa4588e	43 B 328 B	129ms 129ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=436c6529-1e93-448f-9bb9-7f6e9aa4588e Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHCdvSUbuZ3SdLbkZEcf8YIKMyfi86GfkULEIy6lCOsPMpg3B1TS4SLaBuTnJ2sfH3G1DH77J%2BY2rCWM%2Bt6OQ1BV%2BLukp%2FB7t7sVMT%2FQHVKgKZ2hMj1OGDNhLTMMsb9mjndirteQZacVKljMwNrisA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67653364d86d05d0-FRA content-length 43 Redirect headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1xGKpiSMzlF8hoB9WUOj%2FMT1PWM4nJmD1XhWArCF%2Fx5pGenLNiXE8pX3OKFvcrqCmX7L4TxhLytnKSe4RbXuZQEyt4hOghIOiQPQRWKCoOINr0xo%2FgopOwnQBxgS0bN9SzHcz7KQDZIeIX7mk8%3D"}],"group":"cf-nel","max_age":604800} location https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=436c6529-1e93-448f-9bb9-7f6e9aa4588e cf-ray 67653363be2a05d0-FRA content-length 0
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 5E35	3 KB 1 KB	67ms 62ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e1747f0d04f2a2eb067f3d96ea05e3085bb967fc05704f485bdbb32f3d618b87 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2bb78272a859ca6 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US cookie OTP=RlGbB_aH0yN8DU3RfVraLMnqUUDxRyPWbwt7hAs0Uqo Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' set-cookie OTP=gFsefHoFF_02GRv4S55vLISGffkSWnDpnaNtLWwTJJg; path=/; expires=Sat, 29 Jul 2023 09:08:06; domain=onetag-sys.com; SameSite=None; Secure content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 1160 strict-transport-security max-age=15552000
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 7D7F	14 KB 5 KB	168ms 59ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=132416 expires Fri, 30 Jul 2021 21:55:02 GMT date Thu, 29 Jul 2021 09:08:06 GMT vary Accept-Encoding
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame 98F4 Redirect Chain https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1	2 KB 3 KB	84ms 84ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 5fcdd89b481edf2248684e9eeccae99ba8ca2377d7a286a992e332751432995e Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YQJv9ppCOI1M6XSawYuf4gAA; CMPS=227 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Server Apache Content-Type text/html Dropped-Udsids 45|39|241|230|3|206|156|191 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1891 Expires Thu, 29 Jul 2021 09:08:06 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT Connection keep-alive Set-Cookie CMID=YQJv9ppCOI1M6XSawYuf4gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 29 Jul 2022 09:08:06 GMT CMPS=227;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 27 Oct 2021 09:08:06 GMT CMPRO=1871;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 27 Oct 2021 09:08:06 GMT CMST=YQJv9mECb-YA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Jul 2021 09:08:06 GMT CMRUM3=ce61026ff605a0&e661026ff62760&f161026ff605a0&0361026ff605a0&bf61026ff605a0&9c61026ff605a00&2761026ff60b40&2d61026ff605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 29 Jul 2022 09:08:06 GMT Redirect headers Server Apache Content-Length 315 Content-Type text/html; charset=iso-8859-1 Location https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Expires Thu, 29 Jul 2021 09:08:06 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT Connection keep-alive Set-Cookie CMID=YQJv9ppCOI1M6XSawYuf4gAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 29 Jul 2022 09:08:06 GMT CMPS=227;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 27 Oct 2021 09:08:06 GMT
GET H/1.1	200 OK	Cookie set uc.html Show response sync.go.sonobi.com/ Frame 5CF0	43 B 555 B	221ms 54ms	Document text/html	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25 Security Headers Name Value X-Xss-Protection 0 Request headers Host sync.go.sonobi.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Date Thu, 29 Jul 2021 09:08:06 GMT Content-Type text/html Transfer-Encoding chunked Expires Sat, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, no-store, private P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Pragma no-cache Tcn Choice Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 X-Xss-Protection 0 Content-Encoding gzip Server sonobi-go Set-Cookie HAPLB5S=s57129|YQJv+; path=/; domain=.go.sonobi.com
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame 1A90 Redirect Chain https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1	2 KB 3 KB	87ms 86ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 58d62a4e19c5999d2a0ca854bc49cae130a2139faad7ec3c2dfeac979a5cd148 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://js-sec.indexww.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMPS=227; CMID=YQJv9tUThmyOtc.fu5IhbwAA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js-sec.indexww.com/ Response headers Server Apache Content-Type text/html Dropped-Udsids 241|45|39|230|206|46|123|31 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1839 Expires Thu, 29 Jul 2021 09:08:06 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT Connection keep-alive Set-Cookie CMID=YQJv9tUThmyOtc.fu5IhbwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 29 Jul 2022 09:08:06 GMT CMPS=227;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 27 Oct 2021 09:08:06 GMT CMPRO=335;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 27 Oct 2021 09:08:06 GMT CMRUM3=1f61026ff605a00&e661026ff62760&ce61026ff605a0&7b61026ff605a00&f161026ff605a0&2761026ff60b40&2d61026ff605a0&2e61026ff605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 29 Jul 2022 09:08:06 GMT CMST=YQJv9mECb-YA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 30 Jul 2021 09:08:06 GMT Redirect headers Server Apache Content-Length 329 Content-Type text/html; charset=iso-8859-1 Location https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Expires Thu, 29 Jul 2021 09:08:06 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT Connection keep-alive Set-Cookie CMID=YQJv9tUThmyOtc.fu5IhbwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 29 Jul 2022 09:08:06 GMT CMPS=227;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 27 Oct 2021 09:08:06 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 5C74	0 731 B	97ms 96ms	Script text/html	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 87e6ffb1-abbb-42d6-b495-efb02cf2e78c Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	11066102-6ff6-4400-8ec3-7ce9fc07ae09 onetag-sys.com/sync/i,1/ Frame 5E35 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D https://onetag-sys.com/sync/i,1/11066102-6ff6-4400-8ec3-7ce9fc07ae09	0 290 B	64ms 62ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,1/11066102-6ff6-4400-8ec3-7ce9fc07ae09 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Thu, 29 Jul 2021 09:08:06 GMT Server MT3 3810 5cb7d7e master zrh-pixel-x3 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://onetag-sys.com/sync/i,1/11066102-6ff6-4400-8ec3-7ce9fc07ae09 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Thu, 29 Jul 2021 09:08:05 GMT
GET H/1.1	204 No Content	sync.php pixel-eu.rubiconproject.com/exchange/ Frame 5E35	0 239 B	118ms 54ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 704c1e4d3fcc922a3031d436b584678b Content-Type image/gif
GET H2	204	/ onetag-sys.com/sync/i,19/ Frame 5E35 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm&no_r=1 https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_cm=&no_r=1&google_tc= https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEIjZMcqO-MSWAfg_k8RyVO0&google_cver=1	0 287 B	61ms 61ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEIjZMcqO-MSWAfg_k8RyVO0&google_cver=1 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://onetag-sys.com/sync/i,19/?no_r=1&google_gid=CAESEIjZMcqO-MSWAfg_k8RyVO0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 298 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	sync pixel.advertising.com/ups/58198/ Frame 5E35	0 124 B	60ms 57ms	Image text/plain	18.159.140.98 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.159.140.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	/ onetag-sys.com/match/ Frame 5E35 Redirect Chain https://ups.analytics.yahoo.com/ups/58488/occ https://ups.analytics.yahoo.com/ups/58488/occ?verify=true https://onetag-sys.com/match/?int_id=92&uid=y-XIw5lKFE2uG9hVdkiwtBxG43qY7YPuPAlhIbPig-~A	0 291 B	62ms 62ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=92&uid=y-XIw5lKFE2uG9hVdkiwtBxG43qY7YPuPAlhIbPig-~A Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Thu, 29 Jul 2021 09:08:06 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://onetag-sys.com/match/?int_id=92&uid=y-XIw5lKFE2uG9hVdkiwtBxG43qY7YPuPAlhIbPig-~A Connection keep-alive Content-Length 0
GET H2	200	/ onetag-sys.com/sync/i,29/ Frame 5E35 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= https://onetag-sys.com/sync/i,29/?tdid=31a51baf-11ba-4a73-ab69-62c6dbf8a374&ttl=1630141686	43 B 379 B	62ms 61ms	Image image/gif	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,29/?tdid=31a51baf-11ba-4a73-ab69-62c6dbf8a374&ttl=1630141686 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 content-encoding gzip cache-control no-cache, no-transform content-length 64 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://onetag-sys.com/sync/i,29/?tdid=31a51baf-11ba-4a73-ab69-62c6dbf8a374&ttl=1630141686 cache-control private,no-cache, must-revalidate content-type text/html content-length 211
GET H2	200	/ onetag-sys.com/match/ Frame 5E35 Redirect Chain https://x.bidswitch.net/sync?ssp=onetag https://x.bidswitch.net/ul_cb/sync?ssp=onetag https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Donetag%26bsw_param%3D5f1f773e-e9eb-4e1c-88e9-678ed03bf426... https://x.bidswitch.net/sync?dsp_id=80&user_id=11066102-6ff6-4400-8ec3-7ce9fc07ae09&expires=30&ssp=onetag&bsw_param=5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent= https://onetag-sys.com/match/?int_id=30&uid=5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent=&us_privacy=	0 291 B	62ms 62ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=30&uid=5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent=&us_privacy= Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers location //onetag-sys.com/match/?int_id=30&uid=5f1f773e-e9eb-4e1c-88e9-678ed03bf426&gdpr=&gdpr_consent=&us_privacy= date Thu, 29 Jul 2021 09:08:06 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	3746615079215131060 onetag-sys.com/sync/i,34/ Frame 5E35 Redirect Chain https://dmp.adform.net/serving/cookie/match?party=1167&cid=RlGbB_aH0yN8DU3RfVraLMnqUUDxRyPWbwt7hAs0Uqo https://onetag-sys.com/sync/i,34/3746615079215131060	0 290 B	62ms 62ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/sync/i,34/3746615079215131060 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT server nginx location https://onetag-sys.com/sync/i,34/3746615079215131060 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 5E35	0 239 B	114ms 54ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=RlGbB_aH0yN8DU3RfVraLMnqUUDxRyPWbwt7hAs0Uqo Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 6f9fd0201ed801884e5299d5aabca094 Content-Type image/gif
GET H2	200	setuid sync.quantumdex.io/ Frame 5E35	43 B 342 B	132ms 130ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=onetag&uid=RlGbB_aH0yN8DU3RfVraLMnqUUDxRyPWbwt7hAs0Uqo Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XflCdb9cjTvh%2BLdrdHJ8lQbLi6sqN64z%2FGn1DSqPP1r1781Cm%2FL1ytSXsAX5cWMsEQIdozzX4a%2B%2B%2BS1eaIrasLlZUpiPbehlMQNlvRi2JZe3fWqbLicWhO0iRcybIVgdzpP%2Ff8j%2B8p56fxk5TIKTOw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 676533642f2005d0-FRA content-length 43
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 7D7F	0 42 B	175ms 55ms	Script text/plain	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22907457&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:05 GMT content-length 0
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 98F4 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQJv9ppCOI1M6XSawYuf4gAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYZ33iPSWu-WuYoGrQaLZ0&google_cver=1&gdpr=1	43 B 1 KB	64ms 64ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYZ33iPSWu-WuYoGrQaLZ0&google_cver=1&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 29 Jul 2021 09:08:06 GMT Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYZ33iPSWu-WuYoGrQaLZ0&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 98F4	70 B 264 B	69ms 68ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YQJv9ppCOI1M6XSawYuf4gAA&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 98F4 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9ppCOI1M6XSawYuf4gAAB08AAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9ppCOI1M6XSawYuf4gAAB08AAAIB&dcc=t	43 B 645 B	249ms 123ms	Image image/gif	52.46.133.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9ppCOI1M6XSawYuf4gAAB08AAAIB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:07 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid N39B7DB7SMAXW45HDMQJ Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:07 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 7WG8K33BNWJTGSE98AX9 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9ppCOI1M6XSawYuf4gAAB08AAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame 98F4 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQJv9ppCOI1M6XSawYuf4gAAB08AAAIB&gdpr_consent=&us_privacy=&gdpr=1 https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPv-9zoXO1oN2cApOdIybPA&google_cver=1	43 B 315 B	63ms 63ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPv-9zoXO1oN2cApOdIybPA&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Thu, 29 Jul 2021 09:08:06 GMT Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPv-9zoXO1oN2cApOdIybPA&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 98F4 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=11066102-6ff6-4400-8ec3-7ce9fc07ae09&gdpr=1&gdpr_consent=	43 B 1023 B	173ms 63ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=11066102-6ff6-4400-8ec3-7ce9fc07ae09&gdpr=1&gdpr_consent= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 29 Jul 2021 09:08:06 GMT Redirect headers Date Thu, 29 Jul 2021 09:08:06 GMT Server MT3 3810 5cb7d7e master zrh-pixel-x8 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=11066102-6ff6-4400-8ec3-7ce9fc07ae09&gdpr=1&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Thu, 29 Jul 2021 09:08:05 GMT
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/55940/ Frame 98F4	0 234 B	58ms 57ms	Image text/plain	18.156.0.31 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YQJv9ppCOI1M6XSawYuf4gAAB08AAAIB&gdpr_consent=&us_privacy=&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-0-31.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 29 Jul 2021 09:08:06 GMT Server ATS/7.1.2.128 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	200 OK	cookiesync bttrack.com/pixel/ Frame 98F4	35 B 380 B	549ms 137ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-ServerName Track002-dc3 Pragma no-cache Date Thu, 29 Jul 2021 09:07:28 GMT X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 P3P CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" Cache-Control private,no-cache Content-Type image/gif Content-Length 35 Expires -1
GET H2	200	index dmp.brand-display.com/cm/api/ Frame 98F4	43 B 253 B	959ms 148ms	Image image/gif	35.241.40.233 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:07 GMT via 1.1 google last-modified Thu, 29 Jul 2021 09:08:07 GMT server nginx/1.20.1 content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 alt-svc clear content-length 43 expires Thu, 29 Jul 2021 09:08:08 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 98F4	43 B 327 B	125ms 124ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=ix&uid=YQJv9ppCOI1M6XSawYuf4gAAB08AAAIB Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Jul 2021 09:08:06 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6ntsrMTcvlTKLNP7OLiixnek%2BsmXKl6M0%2FDo%2Bl7KKk9hft2lD%2BCKXHs7iw1IkZ65YhMwUz5N9RUX8npJeiLx62hXEJqX%2Bt6UqsqeJ1SoJ8GiTEDHJ2ZGKOxdN1isBVd4ku0NlWm7JyF0sGizAd2rA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6765336579aa05d0-FRA content-length 43
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 1A90 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9tUThmyOtc-fu5IhbwAAAU8AAAAB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9tUThmyOtc-fu5IhbwAAAU8AAAAB&dcc=t	43 B 645 B	240ms 123ms	Image image/gif	52.46.133.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9tUThmyOtc-fu5IhbwAAAU8AAAAB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:07 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid W9V5FTH0XH59G70S7Z84 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:07 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid EH0GZQ6VP61WCXA4W3VR Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQJv9tUThmyOtc-fu5IhbwAAAU8AAAAB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 1A90 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQJv9tUThmyOtc.fu5IhbwAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYZ33iPSWu-WuYoGrQaLZ0&google_cver=1&gdpr=1&google_hm=2	43 B 1 KB	65ms 65ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYZ33iPSWu-WuYoGrQaLZ0&google_cver=1&gdpr=1&google_hm=2 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 29 Jul 2021 09:08:06 GMT Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYZ33iPSWu-WuYoGrQaLZ0&google_cver=1&gdpr=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 341 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 1A90	70 B 264 B	72ms 68ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQJv9tUThmyOtc.fu5IhbwAA&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame 1A90 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQJv9tUThmyOtc-fu5IhbwAAAU8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPv-9zoXO1oN2cApOdIybPA&google_cver=1	43 B 315 B	63ms 63ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPv-9zoXO1oN2cApOdIybPA&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:06 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Thu, 29 Jul 2021 09:08:06 GMT Redirect headers pragma no-cache date Thu, 29 Jul 2021 09:08:06 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPv-9zoXO1oN2cApOdIybPA&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	sync ups.analytics.yahoo.com/ups/55940/ Frame 1A90	0 234 B	56ms 54ms	Image text/plain	18.156.0.31 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YQJv9tUThmyOtc-fu5IhbwAAAU8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-0-31.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 29 Jul 2021 09:08:06 GMT Server ATS/7.1.2.128 Connection keep-alive Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	400 Request failed due to privacy signals	getuid secure.adnxs.com/ Frame 1A90	0 0	1236ms 132ms	Image text/html	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 1A90 Redirect Chain https://sync.srv.stackadapt.com/sync?nid=68 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FcGizJGlT6p-qMSoKdzuCLnsKh0	43 B 1 KB	80ms 80ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FcGizJGlT6p-qMSoKdzuCLnsKh0 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:08 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 29 Jul 2021 09:08:08 GMT Redirect headers Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FcGizJGlT6p-qMSoKdzuCLnsKh0 Date Thu, 29 Jul 2021 09:08:08 GMT Connection keep-alive Content-Length 122 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	noop px.owneriq.net/ Frame 1A90 Redirect Chain https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6808360881044549864&uid=Q6808360881044549864&ref=%2Feucm%2Fp%2Fcc https://px.owneriq.net/noop?ct=image%2Fgif	0 287 B	50ms 50ms	Image image/gif	104.111.242.53 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.owneriq.net/noop?ct=image%2Fgif Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-242-53.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 29 Jul 2021 09:08:08 GMT Server Apache/2.2.15 (CentOS) Connection keep-alive P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" X-Powered-By PHP/5.3.3 Content-Length 0 Content-Type image/gif Redirect headers Location https://px.owneriq.net/noop?ct=image%2Fgif Date Thu, 29 Jul 2021 09:08:08 GMT Server AkamaiGHost Connection keep-alive Content-Length 0
GET H/1.1	200 OK	htw-pixel.gif js-sec.indexww.com/ht/ Frame 1A90	43 B 425 B	54ms 52ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://js-sec.indexww.com/ht/htw-pixel.gif?YQJv9tUThmyOtc.fu5IhbwAA%26335 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 29 Jul 2021 09:08:06 GMT Last-Modified Tue, 24 Jan 2017 19:36:04 GMT Server Apache ETag "902a3d-2b-546dc3a097100" P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=2486 Connection keep-alive Accept-Ranges bytes Content-Type image/gif Content-Length 43 Expires Thu, 29 Jul 2021 09:49:32 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 5C74	0 731 B	50ms 49ms	Script text/html	37.252.172.250 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 29 Jul 2021 09:08:07 GMT X-Proxy-Origin 185.236.42.29; 185.236.42.29; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 960011b8-c02e-4d3a-ba78-366d84522c01 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	47ms 47ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=313600713&page-url=https%3A%2F%2Fask.fm%2Fweaselslash035&rn=342067975&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627549688%3Aw%3A1600x1200%3Av%3A606%3Az%3A120%3Ai%3A20210729110808%3Au%3A1627549679600225997%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627549688 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 29 Jul 2021 09:08:08 GMT last-modified Thu, 29-Jul-2021 09:08:08 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 29-Jul-2021 09:08:08 GMT