ask.fm Open in urlscan Pro
193.138.77.141 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ask.fm/sodatramp7205
Submission: On August 10 via manual (August 10th 2021, 5:20:49 pm UTC) from US

Summary HTTP 92 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 32 IPs in 10 countries across 36 domains to perform 92 HTTP transactions. The main IP is 193.138.77.141, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 30th 2020. Valid for: a year.

This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	193.138.77.141 193.138.77.141	395754 (ASK-FM) (ASK-FM)
9	2600:9000:211... 2600:9000:211e:2800:11:3771:2e40:21	16509 (AMAZON-02) (AMAZON-02)
3 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:de00:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:b000:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	78.140.185.30 78.140.185.30	35415 (WEBZILLA) (WEBZILLA)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 8	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
6	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1 11	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
7 19	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:8ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
6 7	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	35.158.223.21 35.158.223.21	16509 (AMAZON-02) (AMAZON-02)
1 2	54.36.109.48 54.36.109.48	16276 (OVH) (OVH)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3039::6815:c029	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2 2	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
1 1	34.193.59.132 34.193.59.132	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
1 1	54.81.207.173 54.81.207.173	14618 (AMAZON-AES) (AMAZON-AES)
92	32

4 193.138.77.141 (Latvia)

ASN395754 (ASK-FM, US)

ask.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:211e:2800:11:3771:2e40:21 (United States)

ASN16509 (AMAZON-02, US)

d3r6ceqp4shltl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:de00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:b000:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.140.185.30 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap12.adplayer.pro

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.52 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::681a:34e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2.18.234.21 (Frankfurt am Main, Germany) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.13 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.99.6 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.156.0.31 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.223.21 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.36.109.48 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: p03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.177.54 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c029 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.140 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.59.132 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-59-132.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.207.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-207-173.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	casalemedia.com 7 redirects htlb.casalemedia.com ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	18 KB
11	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	5 KB
9	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com	25 KB
9	yandex.com 2 redirects mc.yandex.com	3 KB
9	cloudfront.net d3r6ceqp4shltl.cloudfront.net	234 KB
7	yahoo.com 6 redirects ups.analytics.yahoo.com	6 KB
6	doubleclick.net 6 redirects cm.g.doubleclick.net	1 KB
6	a-mo.net prebid.a-mo.net	1 KB
6	stat-rock.com serving.stat-rock.com	96 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	3 KB
4	pubmatic.com 2 redirects image2.pubmatic.com ads.pubmatic.com image6.pubmatic.com	6 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
4	onetag-sys.com onetag-sys.com	2 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	ask.fm ask.fm	22 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	optad360.io cmp.optad360.io get.optad360.io	565 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	dyntrk.com 2 redirects gu.dyntrk.com	850 B
2	adsrvr.org match.adsrvr.org	529 B
2	sonobi.com sync.go.sonobi.com	1 KB
2	id5-sync.com 1 redirects id5-sync.com	3 KB
2	indexww.com js-sec.indexww.com	2 KB
2	facebook.net connect.facebook.net	69 KB
2	yandex.ru 1 redirects mc.yandex.ru	72 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	610 B
1	advangelists.com 1 redirects nep.advangelists.com	233 B
1	bttrack.com bttrack.com	380 B
1	ad4m.at ad4m.at
1	quantserve.com 1 redirects pixel.quantserve.com	512 B
1	sharethrough.com 1 redirects match.sharethrough.com	240 B
1	connectad.io i.connectad.io Failed cdn.connectad.io
1	adform.net adx.adform.net	449 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	facebook.com www.facebook.com	147 B
1	googletagmanager.com www.googletagmanager.com	36 KB
92	36

	Domain	Requested by
9	dsum-sec.casalemedia.com	3 redirects ssum-sec.casalemedia.com
9	sync.quantumdex.io	get.optad360.io sync.quantumdex.io ssum-sec.casalemedia.com
9	mc.yandex.com	2 redirects ask.fm mc.yandex.ru
9	d3r6ceqp4shltl.cloudfront.net	ask.fm d3r6ceqp4shltl.cloudfront.net
8	ib.adnxs.com	4 redirects get.optad360.io acdn.adnxs.com
7	ups.analytics.yahoo.com	6 redirects ssum-sec.casalemedia.com
6	cm.g.doubleclick.net	6 redirects
6	ssum-sec.casalemedia.com	2 redirects sync.quantumdex.io js-sec.indexww.com ssum-sec.casalemedia.com
6	prebid.a-mo.net	get.optad360.io
6	serving.stat-rock.com	get.optad360.io
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	ap.lijit.com	4 redirects
4	onetag-sys.com	get.optad360.io sync.quantumdex.io
4	ask.fm	d3r6ceqp4shltl.cloudfront.net serving.stat-rock.com
3	pixel.advertising.com	3 redirects
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	gu.dyntrk.com	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	sync.go.sonobi.com	sync.quantumdex.io
2	id5-sync.com	1 redirects sync.quantumdex.io
2	ssum.casalemedia.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	js-sec.indexww.com	get.optad360.io ssum-sec.casalemedia.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	get.optad360.io	d3r6ceqp4shltl.cloudfront.net get.optad360.io
2	connect.facebook.net	d3r6ceqp4shltl.cloudfront.net connect.facebook.net
2	mc.yandex.ru	1 redirects d3r6ceqp4shltl.cloudfront.net
1	sync.srv.stackadapt.com	1 redirects
1	nep.advangelists.com	1 redirects
1	bttrack.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.pubmatic.com	sync.quantumdex.io
1	ms.quantumdex.io	1 redirects
1	match.sharethrough.com	1 redirects
1	cdn.connectad.io	get.optad360.io
1	acdn.adnxs.com	get.optad360.io
1	useast.quantumdex.io	get.optad360.io
1	adx.adform.net	get.optad360.io
1	htlb.casalemedia.com	get.optad360.io
1	cdn.jsdelivr.net	get.optad360.io
1	www.facebook.com
1	cmp.optad360.io	d3r6ceqp4shltl.cloudfront.net
1	www.googletagmanager.com	d3r6ceqp4shltl.cloudfront.net
0	i.connectad.io Failed	get.optad360.io
92	47

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com

Subject Issuer	Validity	Valid
*.ask.fm AlphaSSL CA - SHA256 - G2	`2020-07-30` - `2021-09-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
serving.stat-rock.com R3	`2021-06-20` - `2021-09-18`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.a-mo.net R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://ask.fm/sodatramp7205
Frame ID: D7F94BC5A44B86D8D809F45547540381
Requests: 51 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EC7A5032516C496AFBD758D762216C99
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: FDF33A8CC7ACEA4BB914575E9C3EEC71
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0FBCD6253BA8C350975040EE778A9BEC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 2DA0852FCEE9D32FD71D69E38668BEB9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1628616032633
Frame ID: 9F301A002DD8E6C94C56AABB92D414DD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: E862240D06453C445AEE573E1EB2D196
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D3E56062670AF05498AEF0544F55F28D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: FC0917A2C0D2A0FF98D0DC12EC6644FE
Requests: 2 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 12302FEF664157E0E000E73A471E633E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 5853018BECBCCAC7EB35A2CC0860ECB6
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

jimenezagkhave (@sodatramp7205) — Ask me anything | ASKfm

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

92
Requests

99 %
HTTPS

33 %
IPv6

36
Domains

47
Subdomains

32
IPs

10
Countries

1150 kB
Transfer

2273 kB
Size

8
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://about.ask.fm/cookie-policy/?lang=en
Title: Cookies

Search URL Search Domain Scan URL

URL: https://about.ask.fm/?lang=en
Title: About ASKfm

Search URL Search Domain Scan URL

URL: https://about.ask.fm/terms/?lang=en
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://safety.ask.fm/?lang=en
Title: Safety center

Search URL Search Domain Scan URL

URL: https://about.ask.fm/privacy-policy/?lang=en
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://about.ask.fm/transparency-report/?lang=en
Title: Transparency report

Search URL Search Domain Scan URL

URL: https://support.ask.fm/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.facebook.com/askfmpage

Search URL Search Domain Scan URL

URL: https://instagram.com/askfm

Search URL Search Domain Scan URL

URL: https://twitter.com/askfm

Search URL Search Domain Scan URL

URL: https://vk.com/askfm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9361.jYb_dbmJ4J-3erwjW9A-kljxPPF4qBDYgO_A4nnwsk9Vs0__wTCVMeHbVUKgCAJk.n4c1oxk7ZbShfBizeVRoHgprUDk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9361.x4UqrKuzVPaxFs6LQdjDXZGIjfD6TeDidbY0pajPeJt4Z4LF_LY0zzjlVhxOTdEQ3GQg9HkjEmkKogq8wu7kdg%2C%2C.W0pTkTYoGsX0hRLQSKWPjNoNkoM%2C

Request Chain 10

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fsodatramp7205&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A186096430609%3Ahid%3A914903959%3Az%3A120%3Ai%3A202108010192029%3Aet%3A1628616029%3Ac%3A1%3Arn%3A926730893%3Au%3A16286160291013365627%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628616028058%3Ads%3A4%2C399%2C217%2C1%2C0%2C0%2C%2C104%2C118%2C%2C%2C%2C729%3Adsn%3A4%2C399%2C217%2C2%2C0%2C0%2C%2C105%2C117%2C%2C%2C%2C730%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628616029%3At%3Ajimenezagkhave%20(%40sodatramp7205)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm HTTP 302
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fsodatramp7205&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A186096430609%3Ahid%3A914903959%3Az%3A120%3Ai%3A202108010192029%3Aet%3A1628616029%3Ac%3A1%3Arn%3A926730893%3Au%3A16286160291013365627%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628616028058%3Ads%3A4%2C399%2C217%2C1%2C0%2C0%2C%2C104%2C118%2C%2C%2C%2C729%3Adsn%3A4%2C399%2C217%2C2%2C0%2C0%2C%2C105%2C117%2C%2C%2C%2C730%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628616029%3At%3Ajimenezagkhave%20%28%40sodatramp7205%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Request Chain 26

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=JfK3A3xhUHJOUXZ2U3FMbnRFK0N5K2FhL1FCcGZaSDVFTlkyaTVrOGlRQytBSmUzK3QrMjZVT0IwaEtYa1l5dTIzclk4bXV5Q05HSVVHanpDWk9mb1AzRmphbFJTZFpYekMzOXppVEdWTWtDMHljb3B2WXEzOEVwcEsvQXB3WmdrZURpa2RtT2J2aXFFekN1dm9ha0NrYk9WM1NHVWIyRXl5bkgzOXBGcy95azJqaFZjUU1ld21oM1pqaERlbUN2M3NaRVhGaEptT2VoblRkV1R4L0NLMm9DU3g1cGZpSGdlUXZvWkdhTFNxRHdiVlJzPXw&cppv=2

Request Chain 50

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=sovrn&uid=01cea97b2e4de285b623be76

Request Chain 51

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=edde863c-9d26-4173-babd-83539b100f29 HTTP 302
https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=edde863c-9d26-4173-babd-83539b100f29&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=edde863c-9d26-4173-babd-83539b100f29&apid=UP468b40da-f9ff-11eb-a33a-026f5c750c26 HTTP 302
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=edde863c-9d26-4173-babd-83539b100f29&apid=UP468b40da-f9ff-11eb-a33a-026f5c750c26&verify=true HTTP 302
https://prebid.a-mo.net/setuid/verizon_video?uid=UP468b40da-f9ff-11eb-a33a-026f5c750c26&gdpr=0&gdpr_consent=

Request Chain 52

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=pubmatic&uid=B17C3646-C17F-47F5-A214-6804B2E9B0DF

Request Chain 53

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1 HTTP 302
https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=index_rtb&uid=YRK1ZBG316gTK-D41hB89wAA%261125

Request Chain 54

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dedde863c-9d26-4173-babd-83539b100f29%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=appnexus&uid=8183877263797321952

Request Chain 56

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8183877263797321952

Request Chain 57

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3e2ee76c19f5ba56f7e9782c

Request Chain 58

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-AJ3AokpE2uEPCYT0YlVncf3WO1Fqr5IB7U0wr7o-~A

Request Chain 59

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=099dc741-99f5-40e2-bd8c-8ec85ba16186

Request Chain 60

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=42f99442-cbff-4830-a896-7f2b2ed44e2d

Request Chain 61

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 62

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8183877263797321952

Request Chain 64

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP468b40da-f9ff-11eb-a33a-026f5c750c26 HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP468b40da-f9ff-11eb-a33a-026f5c750c26&verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP468b40da-f9ff-11eb-a33a-026f5c750c26

Request Chain 65

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Request Chain 69

https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEA6iufqJUPa0jOnBwc3g3ew&google_cver=1

Request Chain 73

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRK1ZJUeEe7n4-qlsS9xMAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtsEXTOAGuqps6IR75_Oyo&google_cver=1

Request Chain 74

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB&dcc=t

Request Chain 76

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qQE3RP0FMEKyBWUS-wkrRvpUMUKyB2BDqwWS8wvv

Request Chain 79

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKgVHghnxMrTZSZSJE2VPvE&google_cver=1

Request Chain 83

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB&dcc=t

Request Chain 84

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRK1ZJUeEe7n4-qlsS9xNQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtsEXTOAGuqps6IR75_Oyo&google_cver=1

Request Chain 85

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8e6755b4-e2b1-4584-afd0-ce56ff576fe8

Request Chain 87

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YRK1ZJUeEe7n4-qlsS9xNQAA%261125?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRK1ZJUeEe7n4-qlsS9xNQAA%261125?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 88

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JA0asRErS4pwNbHrilKhOcJjaWM HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JA0asRErS4pwNbHrilKhOcJjaWM&C=1

92 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set sodatramp7205 Show response
ask.fm/ 15 KB
6 KB 621ms
217ms Document
text/html 193.138.77.141
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/sodatramp7205

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.141 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

cda44c81baaa0b34430e67c5bc3c6c9c4a4e200c83db9486a2bd1672298f8ef9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: ask.fm
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
ETag: W/"4f4d6b7620466738bdf56fd453aa361e"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Tue, 10 Aug 2021 17:20:28 GMT
Set-Cookie: locale=en; path=/; expires=Wed, 10 Aug 2022 23:20:28 -0000 uuid=3b152cf8-f6a0-497b-a59f-7a9f032a0d64; path=/; expires=Wed, 10 Aug 2022 23:20:28 -0000; secure; HttpOnly country=PL; path=/; expires=Wed, 10 Aug 2022 23:20:28 -0000 traffic_source=organic; path=/; expires=Thu, 12 Aug 2021 17:20:28 -0000 _m_ask_fm_session=SUw1MkNrU1k3emljL012YUcxQmFTRTZqVnpjZ3B4UlJCOVlFUjFsQnJlQ1VKSDhDcHBWZlo4dVB5Q3FwVnA5QlZrSjB4amN4Z0pQNzRFekJ1ODR3WXBjTSt3QWlIR1lIZUF4T0pNR0Q4QUpHNndGWnhMSzFWYWlYNVAxRm9XcG9VUXdSRzdsSlNBek15cXBuY3JVT2lLWVRwdHJENWh3SE9sTk1TdW5nYUtBVU4zTERXQThOaGFOak9laThPSDZjYjFjK3pYSHc5Q1pDd2xGeEw1MmRHNlFQbGM2VUhiaWMyZERWLzE3NWxZUFJTb0VERkN6dEptL29ZYmE4c254di0tbEx6emJ5UmR1ZFJ4SDJpSFZLTGxHQT09--8df1bb9fddb31e7b02daaf54716220f79880db74; path=/; expires=Fri, 13 Aug 2021 17:20:28 -0000; secure; HttpOnly
Server: Ask.FM Web Service
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000

GET
H2 200 application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css
d3r6ceqp4shltl.cloudfront.net/assets/ 179 KB
39 KB 48ms
12ms Stylesheet
text/css 2600:9000:211e:2800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css

Requested by

Host: ask.fm
URL: https://ask.fm/sodatramp7205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

91bda5e2d381a6cf32cae9ff35027dd135e620acccfc1873295285f436e58808

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:05:54 GMT
content-encoding: gzip
age: 965674
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 39006
access-control-allow-origin: https://ask.fm
last-modified: Wed, 28 Jul 2021 10:28:25 GMT
server: Ask.FM Web Service
etag: "61013149-985e"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: text/css
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: T89VI_2sBCuPRTBsWhCiAIZZDScEGV2Q9OOlqJtss2vSoGYbNVsrzg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Show response
d3r6ceqp4shltl.cloudfront.net/assets/ 215 KB
68 KB 48ms
13ms Script
application/javascript 2600:9000:211e:2800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Requested by

Host: ask.fm
URL: https://ask.fm/sodatramp7205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:38:20 GMT
content-encoding: gzip
age: 6666128
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 68515
access-control-allow-origin: https://ask.fm
last-modified: Mon, 24 May 2021 13:24:40 GMT
server: Ask.FM Web Service
etag: "60aba918-10ba3"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: zWL25IvSXyPOXcMTDKwMDXDaE8y2Kpow73yTgP0eFJUBjowxVLR09A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png
d3r6ceqp4shltl.cloudfront.net/assets/ 24 KB
24 KB 14ms
14ms Image
image/png 2600:9000:211e:2800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png

Requested by

Host: ask.fm
URL: https://ask.fm/sodatramp7205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:53:40 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
age: 1441608
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 24239
last-modified: Wed, 27 Sep 2017 12:11:28 GMT
server: Ask.FM Web Service
etag: "59cb9570-5eaf"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: AKA9qQdkPnxmx7pHuKJkvku2k9cgdUMH6Hs5_eZc4eK7QE2hk2n0Ng==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 225 KB
72 KB 149ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:28 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 14:22:52 GMT
etag: "611112b5-11dd4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73172
expires: Tue, 10 Aug 2021 18:20:28 GMT

GET
H2 200 noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png
d3r6ceqp4shltl.cloudfront.net/assets/ 956 B
1 KB 12ms
12ms Image
image/png 2600:9000:211e:2800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:13:06 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
age: 1444042
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 956
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-3bc"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: v-YluFITXnBhdFH7fbMdvDUnezKMMgA6mQ0ZTHNRa7oj7SqsN8bF0A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 17 KB
18 KB 40ms
14ms Font
application/font-woff2 2600:9000:211e:2800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 00:42:37 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 2997471
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 17880
last-modified: Thu, 29 Apr 2021 05:41:49 GMT
server: Ask.FM Web Service
etag: "608a471d-45d8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: yj3frr6DcSTDXclCfe49o2BllBMxtIzcDRbNejao8yiAdfWglLLUuw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 25 KB
25 KB 49ms
23ms Font
application/font-woff2 2600:9000:211e:2800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 21:04:49 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 3183339
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 25400
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-6338"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 4wzxn96OwDT9pEU-YytlAkZjYLeqLyvLbgzuHMzoy1WPHoyNZgu6mA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 51 KB
52 KB 52ms
26ms Font
application/font-woff2 2600:9000:211e:2800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:59:21 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 1441266
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 52204
last-modified: Wed, 02 Aug 2017 08:00:22 GMT
server: Ask.FM Web Service
etag: "59818696-cbec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: b1jumS7px7dgDi0FoAtf3QV1Onn2RL_2Dt82XIUgXsUDfEJeXgRaLA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9361.jYb_dbmJ4J-3erwjW9A-kljxPPF4qBDYgO_A4nnwsk9Vs0__wTCVMeHbVUKgCAJk.n4c1oxk7ZbShfBizeVRoHgprUDk%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9361.x4UqrKuzVPaxFs6LQdjDXZGIjfD6TeDidbY0pajPeJt4Z4LF_LY0zzjlVhxOTdEQ3GQg9HkjEmkKogq8wu7kdg%2C%2C.W0pTkTYoGsX0hRLQSKWPjNoNkoM%2C

75 B
75 B

53ms
52ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9361.x4UqrKuzVPaxFs6LQdjDXZGIjfD6TeDidbY0pajPeJt4Z4LF_LY0zzjlVhxOTdEQ3GQg9HkjEmkKogq8wu7kdg%2C%2C.W0pTkTYoGsX0hRLQSKWPjNoNkoM%2C

Requested by

Host: ask.fm
URL: https://ask.fm/sodatramp7205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:29 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9361.x4UqrKuzVPaxFs6LQdjDXZGIjfD6TeDidbY0pajPeJt4Z4LF_LY0zzjlVhxOTdEQ3GQg9HkjEmkKogq8wu7kdg%2C%2C.W0pTkTYoGsX0hRLQSKWPjNoNkoM%2C
date: Tue, 10 Aug 2021 17:20:29 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
183 B 50ms
49ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ask.fm
URL: https://ask.fm/sodatramp7205

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:29 GMT
last-modified: Mon, 09 Aug 2021 13:26:46 GMT
etag: "611112b5-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 10 Aug 2021 18:20:29 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/48953915/
Redirect Chain

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fsodatramp7205&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fsodatramp7205&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8...

368 B
450 B

64ms
63ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fsodatramp7205&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A186096430609%3Ahid%3A914903959%3Az%3A120%3Ai%3A202108010192029%3Aet%3A1628616029%3Ac%3A1%3Arn%3A926730893%3Au%3A16286160291013365627%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628616028058%3Ads%3A4%2C399%2C217%2C1%2C0%2C0%2C%2C104%2C118%2C%2C%2C%2C729%3Adsn%3A4%2C399%2C217%2C2%2C0%2C0%2C%2C105%2C117%2C%2C%2C%2C730%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628616029%3At%3Ajimenezagkhave%20%28%40sodatramp7205%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d2ce0a478185596655ba4584d67729e8ef05ae90348d8dcc82a7e2efd1332f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 10-Aug-2021 17:20:29 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 368
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 17:20:29 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:29 GMT
last-modified: Tue, 10-Aug-2021 17:20:29 GMT
location: /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fsodatramp7205&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A922%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A186096430609%3Ahid%3A914903959%3Az%3A120%3Ai%3A202108010192029%3Aet%3A1628616029%3Ac%3A1%3Arn%3A926730893%3Au%3A16286160291013365627%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628616028058%3Ads%3A4%2C399%2C217%2C1%2C0%2C0%2C%2C104%2C118%2C%2C%2C%2C729%3Adsn%3A4%2C399%2C217%2C2%2C0%2C0%2C%2C105%2C117%2C%2C%2C%2C730%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628616029%3At%3Ajimenezagkhave%20%28%40sodatramp7205%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 17:20:29 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8712bc705f2836ea4b8488d910fd4083ac54b78618b361564ce6115313b2bf6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ehadKinj50YNH0qfaMn0CA==
cross-origin-resource-policy: cross-origin
expires: Tue, 10 Aug 2021 17:27:36 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: JJK17VhgyiNLeJF4VL6Aunl3wDq/JnmmmtJoqJGJItDHDPNhFQyCDsE/Pd3Wm1wlwOKf7pf/6KQHM9jnXGlA9Q==
x-fb-trip-id: 686109401
x-fb-content-md5: 48e77de726b19661d4b8a1f96d5911e9
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Tue, 10 Aug 2021 17:20:29 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "066e66f9e32c0ad896ad36f8f84b215c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
36 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

720d861e77aec34b224c189692043256bb16da50b71ded97fd3320fae1d94cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36247
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 16:05:12 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Aug 2021 17:20:29 GMT

GET
H2 200 3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response
cmp.optad360.io/items/ 2 B
360 B 62ms
15ms Script
application/javascript 2600:9000:206f:de00:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:13 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e49.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 09:49:58 GMT
server: AmazonS3
age: 17
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2
x-amz-cf-id: 64dEPIqVJgaZXVyaRDv3NvbIGmshnqy7OLst2sApMFggzu8hgtI9rQ==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 274 KB
72 KB 50ms
15ms Script
application/javascript 2600:9000:206f:b000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f56ad273e0204eb8d21346d7116686e717353c0864546a4e66a72b581e594a75

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:10:24 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 07:03:23 GMT
server: AmazonS3
age: 606
etag: W/"5736885227fcd00664fbd8eea334a4cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: oLZAs4Uwlp5BubPAssLVr23-snyS8Nn8VgrHysJk3Umrjmo58VjXtQ==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 229 KB
67 KB 14ms
14ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f17f1ff9fae1110366c5ede15268b8e7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0d93a04f1381949ac35ea8bceca9f4fee9a93699a061ea2a0f30431dd7a9dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: etgK7agZ+pJYCVjGHHVFuA==
cross-origin-resource-policy: cross-origin
expires: Wed, 10 Aug 2022 15:44:09 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68119
x-fb-rlafr: 0
x-fb-debug: yls8lYWjhawgFn+aZHqwd1jZ1rna7r9r0wy5OIQIl5fjE/YA3IB9t009FDfD0U6j9hv8r/epln4/tbowNgo5nw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 04d4eb838f6cc7d6a3f04e45a0a94955
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 10 Aug 2021 17:20:29 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6b9ee552f6dff3fc3d84c99c78aaee12"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fsodatramp7205&rl=&if=false&ts=1628616029290&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 10 Aug 2021 17:20:29 GMT

GET
H2 200 prebid4.39.0.js Show response
get.optad360.io/sf/ 492 KB
493 KB 13ms
12ms Script
application/javascript 2600:9000:206f:b000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.39.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 10:27:34 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 10:44:35 GMT
server: AmazonS3
age: 3739976
etag: "e020700f5effdce1f4be56434553da72"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 503605
x-amz-cf-id: 8v1UMzJfbVrHjLdvANhPKyYJoKzCEuLzDYfXHNyioBXQl6sjFzf8JA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 6ms
6ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210810

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

953d800488e5cd554eeed1f202d24203f31a4e753c5e354bd974ac993963f524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 7739
x-jsd-version: 1.0.1065
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 955
etag: W/"6a1-KKkpsgRwxo73Ngq2igIVCMclHtw"
x-served-by: cache-fra19157-FRA
x-jsd-version-type: version
date: Tue, 10 Aug 2021 17:20:29 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK Cookie set conversion Show response
ask.fm/signup/ 10 KB
4 KB 150ms
150ms XHR
text/html 193.138.77.141
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/signup/conversion

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.141 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

d2c3f1c6806615f5e438503a170eda120bb7538e4488624d0f803e3fdf2153cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: locale=en; uuid=3b152cf8-f6a0-497b-a59f-7a9f032a0d64; country=PL; traffic_source=organic; _m_ask_fm_session=SUw1MkNrU1k3emljL012YUcxQmFTRTZqVnpjZ3B4UlJCOVlFUjFsQnJlQ1VKSDhDcHBWZlo4dVB5Q3FwVnA5QlZrSjB4amN4Z0pQNzRFekJ1ODR3WXBjTSt3QWlIR1lIZUF4T0pNR0Q4QUpHNndGWnhMSzFWYWlYNVAxRm9XcG9VUXdSRzdsSlNBek15cXBuY3JVT2lLWVRwdHJENWh3SE9sTk1TdW5nYUtBVU4zTERXQThOaGFOak9laThPSDZjYjFjK3pYSHc5Q1pDd2xGeEw1MmRHNlFQbGM2VUhiaWMyZERWLzE3NWxZUFJTb0VERkN6dEptL29ZYmE4c254di0tbEx6emJ5UmR1ZFJ4SDJpSFZLTGxHQT09--8df1bb9fddb31e7b02daaf54716220f79880db74; _ym_uid=16286160291013365627; _ym_d=1628616029; _ym_isad=2; _ym_visorc=w
Connection: keep-alive
Referer: https://ask.fm/sodatramp7205
Accept: */*
Referer: https://ask.fm/sodatramp7205
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 17:20:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"d336d64d69f4e8a0260ffa2e3991fd99"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Wed, 10 Aug 2022 23:20:31 -0000 tutm=utm_medium%3Dconversion_desktop_default_63; path=/; expires=Thu, 12 Aug 2021 17:20:31 -0000 _m_ask_fm_session=clRndjUwNXJsaUNVRUxZdXVHRDkyWit0dFNoSnU0Tno1SlIvdWVONUpYYUVNaE9mclM2OEZaSzFYMHFGR2RSMVg0S2pDVEJkcDhVYjFjaXZWcmV2RlI0TDUvaWtONWlzVTM1ZmxEdWRqV0dBUi9sN29WVkpCdWNiaFBOSERpWkFWZk5QQjkwYnhyMEFNYUJVcTFaeldqKzg0Y29TdmtKRlo3S1BBWFhBcWdqdnJZaGt5SjNqYXFqNzZNajBIM1FSS1hlZlhUT0c1NlljU3BPMDNlbXB2TkgwQnpvZi9HaTdRWGdUZmFadFRUa1dBY0h2WWtqRHpkajJReVdTWWtZbi9Hc1ptTlA3a1JLYUdmVGFjNDAyT1E9PS0tZXBxNmtQTEdOQk9MUCtrK3ZCY1d3Zz09--e788cd6b873fb3e85e4402638742ebfe6845f443; path=/; expires=Fri, 13 Aug 2021 17:20:31 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png
d3r6ceqp4shltl.cloudfront.net/assets/ 2 KB
3 KB 13ms
13ms Image
image/png 2600:9000:211e:2800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png

Requested by

Host: ask.fm
URL: https://ask.fm/sodatramp7205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:26:28 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
age: 2483643
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 2309
last-modified: Wed, 28 Oct 2020 11:38:17 GMT
server: Ask.FM Web Service
etag: "5f995829-905"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: s469Fnb5nUoXGgxTyGswRD6hiPMzGTv3uFq_YOiFBEfnNun44ttqlQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png
d3r6ceqp4shltl.cloudfront.net/assets/ 3 KB
4 KB 16ms
16ms Image
image/png 2600:9000:211e:2800:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png

Requested by

Host: ask.fm
URL: https://ask.fm/sodatramp7205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:2800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:52 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
age: 14364339
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 3404
last-modified: Wed, 28 Oct 2020 11:38:17 GMT
server: Ask.FM Web Service
etag: "5f995829-d4c"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-amz-cf-id: 9OM06QRrbW_lH7cgTr0tqAZKNSfgUrA6b-00QklmF1rtyyz1PieMmA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 147ms
146ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=914903959&page-url=https%3A%2F%2Fask.fm%2Fsodatramp7205&rn=653067880&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1628616032%3Aw%3A1600x1200%3Av%3A611%3Az%3A120%3Ai%3A202108010192031%3Au%3A16286160291013365627%3Avf%3A12vwkywz4p6qw9gg56%3Awe%3A1%3Ati%3A2%3Ast%3A1628616032

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:31 GMT
last-modified: Tue, 10-Aug-2021 17:20:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 17:20:31 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
73 B 147ms
147ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=914903959&page-url=https%3A%2F%2Fask.fm%2Fsodatramp7205&rn=570163266&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1628616032%3Aw%3A1600x1200%3Av%3A611%3Az%3A120%3Ai%3A202108010192031%3Au%3A16286160291013365627%3Avf%3A12vwkywz4p6qw9gg56%3Awe%3A1%3Ati%3A2%3Ast%3A1628616032

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:31 GMT
last-modified: Tue, 10-Aug-2021 17:20:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 17:20:31 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 71ms
24ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1533
date: Tue, 10 Aug 2021 17:20:32 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 optad360.js Show response
serving.stat-rock.com/player/ 304 KB
95 KB 189ms
64ms Script
application/javascript 78.140.185.30
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/optad360.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.30 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap12.adplayer.pro
Software: nginx /
Resource Hash: 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:32 GMT
content-encoding: gzip
last-modified: Fri, 18 Jun 2021 08:28:33 GMT
server: nginx
etag: W/"60cc5931-4beb9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1
https://mug.criteo.com/sid?cpp=JfK3A3xhUHJOUXZ2U3FMbnRFK0N5K2FhL1FCcGZaSDVFTlkyaTVrOGlRQytBSmUzK3QrMjZVT0IwaEtYa1l5dTIzclk4bXV5Q05HSVVHanpDWk9mb1AzRmphbFJTZFpYekMzOXppVEdWTWtDMHljb3B2WXEzOEVwcEsvQX...

328 B
591 B

171ms
58ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JfK3A3xhUHJOUXZ2U3FMbnRFK0N5K2FhL1FCcGZaSDVFTlkyaTVrOGlRQytBSmUzK3QrMjZVT0IwaEtYa1l5dTIzclk4bXV5Q05HSVVHanpDWk9mb1AzRmphbFJTZFpYekMzOXppVEdWTWtDMHljb3B2WXEzOEVwcEsvQXB3WmdrZURpa2RtT2J2aXFFekN1dm9ha0NrYk9WM1NHVWIyRXl5bkgzOXBGcy95azJqaFZjUU1ld21oM1pqaERlbUN2M3NaRVhGaEptT2VoblRkV1R4L0NLMm9DU3g1cGZpSGdlUXZvWkdhTFNxRHdiVlJzPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

127a25e00c62576b1015f9f8f77d4b21eec8c564716ab244502d5709772408c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 10 Aug 2021 17:20:31 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2585
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 10 Aug 2021 17:20:31 GMT
location: https://mug.criteo.com/sid?cpp=JfK3A3xhUHJOUXZ2U3FMbnRFK0N5K2FhL1FCcGZaSDVFTlkyaTVrOGlRQytBSmUzK3QrMjZVT0IwaEtYa1l5dTIzclk4bXV5Q05HSVVHanpDWk9mb1AzRmphbFJTZFpYekMzOXppVEdWTWtDMHljb3B2WXEzOEVwcEsvQXB3WmdrZURpa2RtT2J2aXFFekN1dm9ha0NrYk9WM1NHVWIyRXl5bkgzOXBGcy95azJqaFZjUU1ld21oM1pqaERlbUN2M3NaRVhGaEptT2VoblRkV1R4L0NLMm9DU3g1cGZpSGdlUXZvWkdhTFNxRHdiVlJzPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1756
content-length: 482
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 170ms
75ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e4414ee5c8e92de5370206111f31b864df4b804c70aeffdf7d548b07f6019744

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:32 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 00caf0f0-6427-4b3c-9d56-9293096dde87
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 249ms
155ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c29f91117e4b90d65c6c7bfc3a6df275164842a46db0eebbc7828b03582fec7f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:32 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cc561187-c7b0-4b97-9e77-bff24c796b80
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
365 B 172ms
63ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227bcaf8c32e2ab4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fsodatramp7205%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22854eab902d067a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22854eab902d067a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22854eab902d067a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b38e030a155a32549edddf77461271013b2d1c436f823caf3976edccfebcbdb7

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:32 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[PL], RC:[], CN:[EU], CIP:[194.99.105.99], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ask.fm
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 09
expires: Tue, 10 Aug 2021 17:20:32 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
449 B 193ms
98ms XHR
application/json 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTBmODNiNDFiLWI5MjQtNGVjZS1hZjU0LWY5ODFhNjQ0M2JlNyZyY3VyPVBMTg%3D%3D&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPTcwOTI0MzQyLWM1ODctNGMxOC1iMTkyLWFhZjk4MTIxNjUzYiZyY3VyPVBMTg%3D%3D&pt=gross&stid=8f7aaf5a-986f-40be-bd5a-9a3ed1cf2ff5&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 10
expires: -1

POST v2
i.connectad.io/api/ 0
0

POST
H2 200 c Show response
prebid.a-mo.net/a/ 861 B
778 B 445ms
160ms XHR
application/json 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 9694ab03ee152ae51c0ba5b45fb7d5280ffa26e30f723eef5d298315fff81a19

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Aug 2021 17:20:31 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 25
content-length: 355

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
623 B 253ms
224ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Aug 2021 17:20:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ask.fm
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxmZn3hMKZXuDExRlQClVmCSTCti19m2u%2BPU5MlNMsGSi9d9oMQG8JVArBLoCDz3HtM4UitR9iuh%2F6ppeDoIGKLu23D4kWawW75m2hhzG2Vm%2FqKY5hPb%2BQJXrCgBqdFPmil9U2IPlyhseOBZutUfo%2B%2BA"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 67cae53b29d22c32-FRA

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 152ms
52ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ask.fm
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 178ms
58ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 966
date: Tue, 10 Aug 2021 17:20:32 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Cookie set sodatramp7205 Show response
ask.fm/ 15 KB
6 KB 205ms
204ms XHR
text/html 193.138.77.141
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/sodatramp7205

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.141 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

f859a5ffa2d34673306ae06cdbf9e96cc4d763cc670c5d6c53c29d95bd06f943

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://ask.fm/sodatramp7205
Cookie: locale=en; uuid=3b152cf8-f6a0-497b-a59f-7a9f032a0d64; country=PL; traffic_source=organic; _ym_uid=16286160291013365627; _ym_d=1628616029; _ym_isad=2; _ym_visorc=w; tutm=utm_medium%3Dconversion_desktop_default_63; _m_ask_fm_session=clRndjUwNXJsaUNVRUxZdXVHRDkyWit0dFNoSnU0Tno1SlIvdWVONUpYYUVNaE9mclM2OEZaSzFYMHFGR2RSMVg0S2pDVEJkcDhVYjFjaXZWcmV2RlI0TDUvaWtONWlzVTM1ZmxEdWRqV0dBUi9sN29WVkpCdWNiaFBOSERpWkFWZk5QQjkwYnhyMEFNYUJVcTFaeldqKzg0Y29TdmtKRlo3S1BBWFhBcWdqdnJZaGt5SjNqYXFqNzZNajBIM1FSS1hlZlhUT0c1NlljU3BPMDNlbXB2TkgwQnpvZi9HaTdRWGdUZmFadFRUa1dBY0h2WWtqRHpkajJReVdTWWtZbi9Hc1ptTlA3a1JLYUdmVGFjNDAyT1E9PS0tZXBxNmtQTEdOQk9MUCtrK3ZCY1d3Zz09--e788cd6b873fb3e85e4402638742ebfe6845f443; _pbjs_userid_consent_data=6683316680106290; cto_bidid=3A88rV82ZiUyQiUyQiUyRjRmMndPcDdVejJUVXJVU0tzRUs5cXBCUnNDVTZjbmdYUyUyQklxVEVTb0doanEwMzNaRmo0bmF0SHhDR2R5VXU2YVFXVlVlOEJ1VGlvWlNpN1BRJTNEJTNE; cto_bundle=7H-P2V9vdURzbjlvZWRKR1BwNzA1JTJCVGptcG9WN2ZKTEd1cEU4NmNxYUlKT0lNQTdYZjl2V1EwdVk2MzlXdllBcXVxcjF4aUtPNEUwOSUyQjBiZG52N0glMkY1bzhTRzJ0dXhROGc1ZkxsU29sZTVRUSUyRnlnJTNE
Connection: keep-alive
Referer: https://ask.fm/sodatramp7205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 17:20:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"f99d3f64f85143cbc919e4f01b9f1ec0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Wed, 10 Aug 2022 23:20:33 -0000 _m_ask_fm_session=ek1Gd3BnWDlJemgxelA1TElOVXgzbHk4M29RWEgvRUthSFNBT3hUUjFkcWczYlZ1dTltVlVHRlNqYmdVb3lGTkZpV1Z3ZGJUYzE4MmN3MjdTZm8vV1RXSEJ2dm9hWFVseFhiNUJ6OXp0MjZ1bnZlN1k1eFpnWDN5TFVMLzd0ZE9YcnlsV0pRQWdxVTBJVlJTSlZ5bDIrTXhPWnorblBXQ2NJRzVhZXdkUGJVMElQa0NNbWNPQnBtM09WMC9qNFdOMkx4Y3M1TkRqWGVQajJodG1US3NqZG1sbU12RUV0WXI2Mlc1WFArWUtjZzdmTWsvSTlrZlpycXN0aDVrTWZIei0tRVJZMW1rVk15ejVKZ2ErTkU4SDgrZz09--db5664493bcd1a3db6f08f97df081c691741ee3c; path=/; expires=Fri, 13 Aug 2021 17:20:33 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
163 B 187ms
63ms Image
image/gif 78.140.185.30
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1628616033081.6467&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fsodatramp7205&t=334&v=91&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.14910654284077274
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.30 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap12.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 10 Aug 2021 17:20:33 GMT
srvf: 78.140.185.30
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 187ms
63ms Image
image/gif 78.140.185.30
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1628616033081.6467&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fsodatramp7205&t=341&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.2362055899747637
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.30 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap12.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 10 Aug 2021 17:20:33 GMT
srvf: 78.140.185.30
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK Cookie set sodatramp7205 Show response
ask.fm/ 15 KB
6 KB 207ms
206ms XHR
text/html 193.138.77.141
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/sodatramp7205

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.141 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

1f1dc8878083c7176cdb99243679b9dada7335245dff0c7e383628ba1c1922c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://ask.fm/sodatramp7205
Cookie: locale=en; uuid=3b152cf8-f6a0-497b-a59f-7a9f032a0d64; country=PL; traffic_source=organic; _ym_uid=16286160291013365627; _ym_d=1628616029; _ym_isad=2; _ym_visorc=w; tutm=utm_medium%3Dconversion_desktop_default_63; _pbjs_userid_consent_data=6683316680106290; cto_bidid=3A88rV82ZiUyQiUyQiUyRjRmMndPcDdVejJUVXJVU0tzRUs5cXBCUnNDVTZjbmdYUyUyQklxVEVTb0doanEwMzNaRmo0bmF0SHhDR2R5VXU2YVFXVlVlOEJ1VGlvWlNpN1BRJTNEJTNE; cto_bundle=7H-P2V9vdURzbjlvZWRKR1BwNzA1JTJCVGptcG9WN2ZKTEd1cEU4NmNxYUlKT0lNQTdYZjl2V1EwdVk2MzlXdllBcXVxcjF4aUtPNEUwOSUyQjBiZG52N0glMkY1bzhTRzJ0dXhROGc1ZkxsU29sZTVRUSUyRnlnJTNE; _m_ask_fm_session=ek1Gd3BnWDlJemgxelA1TElOVXgzbHk4M29RWEgvRUthSFNBT3hUUjFkcWczYlZ1dTltVlVHRlNqYmdVb3lGTkZpV1Z3ZGJUYzE4MmN3MjdTZm8vV1RXSEJ2dm9hWFVseFhiNUJ6OXp0MjZ1bnZlN1k1eFpnWDN5TFVMLzd0ZE9YcnlsV0pRQWdxVTBJVlJTSlZ5bDIrTXhPWnorblBXQ2NJRzVhZXdkUGJVMElQa0NNbWNPQnBtM09WMC9qNFdOMkx4Y3M1TkRqWGVQajJodG1US3NqZG1sbU12RUV0WXI2Mlc1WFArWUtjZzdmTWsvSTlrZlpycXN0aDVrTWZIei0tRVJZMW1rVk15ejVKZ2ErTkU4SDgrZz09--db5664493bcd1a3db6f08f97df081c691741ee3c
Connection: keep-alive
Referer: https://ask.fm/sodatramp7205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 17:20:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"09426255868a0d7328735e580cdd089e"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Wed, 10 Aug 2022 23:20:33 -0000 _m_ask_fm_session=RERxRjk5M2xldGl1Zkdnb21nczdOdVArN1hsWnBjYWdWVzdsaUU4LzJPd1d3S1FXeTZEM21seDlkTXl2VnBFNzBRZklPeUVwV1ZqQlVhU2lvU1dTMGlzVGZzZU1NWXBzZnphWDNtTE9OZU5EczdlZy9TY2pwN2VkNHJZVStiaFA3Z2JBZXVoMEowRzZoUVZIMTVBNXZPSms4VWVINlZqMkUxUVF6Y0lQZlQzK2VDRXdscHpvL1lMaDQ4aEFjQkM2d2N0R1gzZHhsaDRlYTNnakowYzNIbUdac3lTQkN4Nm9IMmplczlPMlJ4Z1l1d0Y0dGVXRFFsdUlpS2tNTWZCTi0tcUI5OTVUMHNQQ2VFcWNVOVd4NHYyZz09--c7d58679893b4c4824b123933f28f9765291ffe1; path=/; expires=Fri, 13 Aug 2021 17:20:33 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 87ms
87ms Image
image/gif 78.140.185.30
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1628616033081.6467&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fsodatramp7205&t=550&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.5145996850677841
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.30 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap12.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 10 Aug 2021 17:20:33 GMT
srvf: 78.140.185.30
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 64ms
64ms Image
image/gif 78.140.185.30
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1628616033081.6467&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fsodatramp7205&t=759&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.03474812580351805
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.30 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap12.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 10 Aug 2021 17:20:33 GMT
srvf: 78.140.185.30
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 64ms
64ms Image
image/gif 78.140.185.30
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1628616033081.6467&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fsodatramp7205&t=760&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.4615364063046494
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.30 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap12.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Tue, 10 Aug 2021 17:20:33 GMT
srvf: 78.140.185.30
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
176 B 147ms
50ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=914903959&page-url=https%3A%2F%2Fask.fm%2Fsodatramp7205&rn=919592147&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1628616034%3Aw%3A1600x1200%3Av%3A611%3Az%3A120%3Ai%3A202108010192033%3Au%3A16286160291013365627%3Avf%3A12vwkywz4p6qw9gg56%3Awe%3A1%3Ati%3A2%3Ast%3A1628616034

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:33 GMT
last-modified: Tue, 10-Aug-2021 17:20:33 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 17:20:33 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EC7A 52 KB
17 KB 223ms
92ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 11 Aug 2021 17:20:38 GMT
Date: Tue, 10 Aug 2021 17:20:36 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame FDF3 3 KB
1 KB 139ms
130ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 393b0ad88002a772a8bdec29bba4bb36183c0d03400b2c42c233df1069a7d8d7

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/apacdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
content-type: text/html
set-cookie: uid=cad472f2-1c31-4a91-9110-ed9bea65c0fe; expires=Mon, 30 Aug 2021 17:20:35 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ws%2F%2FuL%2FggBHCIhoisUmijXC9fQlKVYAhDkJMu5XGERwDSd3cc2jDaQe6qDEfaizdhLIFIjRQnEA2sGl9hwqN%2BLHUHL6%2B7yaHy%2FxL%2F7ny25VeJSplXYPIVtzNGvtYknmeoqh6FOG%2FRGqaH9%2FAUIc70g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67cae5509c8b2c32-FRA
content-encoding: br

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 0FBC 2 KB
1 KB 193ms
64ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 10 Aug 2021 17:20:36 GMT
Connection: keep-alive

GET
H2 403 connectmyusers.php
cdn.connectad.io/ Frame 2DA0 0
0 22ms
17ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.connectad.io/connectmyusers.php?

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

date: Tue, 10 Aug 2021 17:20:35 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 67cae55098b4dfbb-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9F30 2 KB
823 B 49ms
49ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1628616032633

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1628616032633
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=sovrn&uid=01cea97b2e4de285b623be76

0
116 B

139ms
139ms

Image
text/plain

147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=sovrn&uid=01cea97b2e4de285b623be76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: nginx
Location: https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=sovrn&uid=01cea97b2e4de285b623be76
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

204

verizon_video
prebid.a-mo.net/setuid/
Redirect Chain

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=edde863c-9d26-4173-babd-83539b100f29
https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=edde863c-9d26-4173-babd-83539b100f29&verify=true
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=edde863c-9d26-4173-babd-83539b100f29&apid=UP468b40da-f9ff-11eb-a33a-026f5c750c26
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=edde863c-9d26-4173-babd-83539b100f29&apid=UP468b40da-f9ff-11eb-a33a-026f5c750c26&verify=true
https://prebid.a-mo.net/setuid/verizon_video?uid=UP468b40da-f9ff-11eb-a33a-026f5c750c26&gdpr=0&gdpr_consent=

0
150 B

141ms
141ms

Image
text/plain

147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/verizon_video?uid=UP468b40da-f9ff-11eb-a33a-026f5c750c26&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy
vary: Accept-Encoding

Redirect headers

Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://prebid.a-mo.net/setuid/verizon_video?uid=UP468b40da-f9ff-11eb-a33a-026f5c750c26&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=pubmatic&uid=B17C3646-C17F-47F5-A214-6804B2E9B0DF

0
121 B

139ms
139ms

Image
text/plain

147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=pubmatic&uid=B17C3646-C17F-47F5-A214-6804B2E9B0DF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=pubmatic&uid=B17C3646-C17F-47F5-A214-6804B2E9B0DF
date: Tue, 10 Aug 2021 17:20:36 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dindex_rtb%26uid%3D
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1
https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=index_rtb&uid=YRK1ZBG316gTK-D41hB89wAA%261125

0
116 B

137ms
137ms

Image
text/plain

147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=index_rtb&uid=YRK1ZBG316gTK-D41hB89wAA%261125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=index_rtb&uid=YRK1ZBG316gTK-D41hB89wAA%261125
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 321
Expires: Tue, 10 Aug 2021 17:20:36 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dedde863c-9d26-4173-babd-83539b100f29%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dedde863c-9d26-4173-babd-83539b100f29%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID
https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=appnexus&uid=8183877263797321952

0
154 B

138ms
137ms

Image
text/plain

147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=appnexus&uid=8183877263797321952
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:35 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:35 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cd7b9b74-f091-41af-b8a2-6d1dccc5174a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.a-mo.net/setuid?A=edde863c-9d26-4173-babd-83539b100f29&D=&bidder=appnexus&uid=8183877263797321952
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 49ms
48ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDF3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8183877263797321952

43 B
338 B

129ms
129ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8183877263797321952
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zc29x%2BOu17eZnvBz9iGqYkIKRGvVWMY51EqRz45ieZoDvA%2FNGUWTCtT6J9KLEE93JZt2a6I2UOR%2BA5RvSZGfmKhOFltIK2iktiKyjXYWG1%2FULeHCYFM4q54ZiWFl0BvrkJ5eiluIs0mAn1cOEqGlOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 67cae551bf0a2c32-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1a978d41-1384-44a2-ad94-eed53d3bbe06
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8183877263797321952
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDF3
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3e2ee76c19f5ba56f7e9782c

43 B
330 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3e2ee76c19f5ba56f7e9782c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SL718J4048MXeqeGcOxAZKl0wM3hN87fxV21Rxz3a%2Ffje9JxXWasHlBmd9%2BchID9eSEoCWkOMvaPzPqvEXpVM3zR%2FyqU3IYsRsaOynksJKqRQevryRVdOk%2BR1nMiU1z8lyAO%2FXBkKYu4oXQ5YV%2B3Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 67cae55268a62c32-FRA
content-length: 43

Redirect headers

Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=3e2ee76c19f5ba56f7e9782c
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDF3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-AJ3AokpE2uEPCYT0YlVncf3WO1Fqr5IB7U0wr7o-~A

43 B
483 B

131ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-AJ3AokpE2uEPCYT0YlVncf3WO1Fqr5IB7U0wr7o-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCwJWDYlhrPndE8wxhtAObYVMZAPGqiPRJSAR%2F%2FRsW%2BfQMGNizn1W1wUv%2FI%2BoMcyxNrbOz3X%2BIbLRkfC2eLUYcAKkaUlxakflitByTOV2geMExkGrBdsj0la2csETR9M5GMaBt%2FVZtAAIuqEoaRCGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 67cae552d9a42c32-FRA
content-length: 43

Redirect headers

Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-AJ3AokpE2uEPCYT0YlVncf3WO1Fqr5IB7U0wr7o-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDF3
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=099dc741-99f5-40e2-bd8c-8ec85ba16186

43 B
324 B

133ms
132ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=099dc741-99f5-40e2-bd8c-8ec85ba16186
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afsr5qDziaTyKZObbuJdUera3k7U7fu3g2Qream3p6O8WAAWDlrVr%2FlKl%2Bkt0Qi6yKo37FF4s0wqvCFkuY22i0YPc0CXN9BXfintqr0JCK6AQd76byUbq%2FLqAMruXlo%2Fbs63ngkOCELiDOCmWkTIkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 67cae55268952c32-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=099dc741-99f5-40e2-bd8c-8ec85ba16186
date: Tue, 10 Aug 2021 17:20:36 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDF3
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=42f99442-cbff-4830-a896-7f2b2ed44e2d

43 B
328 B

128ms
128ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=42f99442-cbff-4830-a896-7f2b2ed44e2d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5W8ixlX%2FDEJBJYIYP5m5xvVTfCFNVSHypBHyvnxzBJzQmf79Y%2B9eO78WHfapdRjaVafjGgQVJlcDJo3YZ6WAYctUruRd8JmVOhUn7fQx42Mzi%2BcYRLao78XwNJrDIRwZaoh3mWM%2Bb5lr6x4uNv0RA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 67cae552a95c2c32-FRA
content-length: 43

Redirect headers

date: Tue, 10 Aug 2021 17:20:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIXdJKqVEVQa7bxWbrjYAqqnT%2F2nUux95VHkNcNJeoiyeTBmkqPuSHEkR7pXKjNeI270%2BBbulclsCGqqDrkaiRHyd2hHzaa3aFWDYUW2LT3cANuUB5VZ4WFO8I%2B2V4GvhFe4WwFssVnel43S70Q%3D"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=42f99442-cbff-4830-a896-7f2b2ed44e2d
cf-ray: 67cae5518e962c32-FRA
content-length: 0

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame FDF3
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

54ms
54ms

Image
image/gif

54.36.109.48
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.48 , France, ASN16276 (OVH, FR),

Reverse DNS

p03.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 17:20:21 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Tue, 10 Aug 2021 17:20:21 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDF3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8183877263797321952

43 B
328 B

126ms
126ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8183877263797321952
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F8X47NwVNenX0hd8WWtvTX7MFINPWuuZetxuuV%2FxouKuVddVKEBgTpki5c%2FfHr2OXFDEt8K9Xbgn6bbzqZmiNAV9xeZFLoyjpu7pOElJNkUhOSp1wEMzfOxCQ8s6JE0jpNlU1tfGBXFCoU%2FCqL4fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 67cae551df362c32-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0d7c85ee-412a-4221-a498-aa37a8b00dab
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8183877263797321952
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame FDF3 0
478 B 217ms
53ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDF3
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP468b40da-f9ff-11eb-a33a-026f5c750c26
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP468b40da-f9ff-11eb-a33a-026f5c750c26&verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP468b40da-f9ff-11eb-a33a-026f5c750c26

43 B
353 B

127ms
127ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP468b40da-f9ff-11eb-a33a-026f5c750c26
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwGiaqZAOGSvxluLbsny%2BQzKbu%2Bo3M3g%2Bpi5CeR3SYTLh4CSnEJR%2F%2Fnpb953kjduL75nFpSvTldKEq4Ns8o24WvzkLIIIQN%2BKbi0Si8v8kOsW87XpVjCpgb71RGc9HiqQyNLKO7W2ib8YOsUjV9Fww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 67cae5533a712c32-FRA
content-length: 43

Redirect headers

Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP468b40da-f9ff-11eb-a33a-026f5c750c26
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame E862
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

2 KB
3 KB

76ms
76ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 51e662bb2878b0ad5af6bbf2d282b777eb7e846db726449e36fc090f2596fcf6

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1155; CMPRO=1125; CMST=YRK1ZGEStWQA; CMID=YRK1ZJUeEe7n4-qlsS9xMAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|45|241|39|81|5|156|196
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1670
Expires: Tue, 10 Aug 2021 17:20:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Connection: keep-alive
Set-Cookie: CMID=YRK1ZJUeEe7n4-qlsS9xMAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 10 Aug 2022 17:20:36 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Nov 2021 17:20:36 GMT CMPRO=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Nov 2021 17:20:36 GMT CMRUM3=2d6112b56405a0&f16112b56405a0&516112b56405a0&e66112b5642760&9c6112b56405a00&c46112b56405a0&056112b56405a0&276112b5640b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 10 Aug 2022 17:20:36 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 10 Aug 2021 17:20:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Connection: keep-alive
Set-Cookie: CMID=YRK1ZJUeEe7n4-qlsS9xMAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 10 Aug 2022 17:20:36 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Nov 2021 17:20:36 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame D3E5 2 KB
823 B 51ms
49ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FC09 14 KB
5 KB 195ms
66ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=18758
expires: Tue, 10 Aug 2021 22:33:14 GMT
date: Tue, 10 Aug 2021 17:20:36 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 1230 43 B
551 B 194ms
48ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Tue, 10 Aug 2021 17:20:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YRK1Z; path=/; domain=.go.sonobi.com

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 5853
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

77ms
77ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 53e34fa4ae9549328be54ae9227a7f9a3603a0262b3fa8c16565c42c6e9acdf0

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1155; CMPRO=1125; CMST=YRK1ZGEStWQA; CMID=YRK1ZJUeEe7n4-qlsS9xNQAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|39|241|45|195|206|221|123
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1884
Expires: Tue, 10 Aug 2021 17:20:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Connection: keep-alive
Set-Cookie: CMID=YRK1ZJUeEe7n4-qlsS9xNQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 10 Aug 2022 17:20:36 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Nov 2021 17:20:36 GMT CMPRO=1125;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Nov 2021 17:20:36 GMT CMRUM3=7b6112b56405a00&ce6112b56405a0&e66112b5642760&f16112b56405a0&2d6112b56405a0&c36112b56405a00&276112b5640b40&dd6112b5642760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 10 Aug 2022 17:20:36 GMT

Redirect headers

Server: Apache
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 10 Aug 2021 17:20:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Connection: keep-alive
Set-Cookie: CMID=YRK1ZJUeEe7n4-qlsS9xNQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 10 Aug 2022 17:20:36 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 08 Nov 2021 17:20:36 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EC7A 0
731 B 62ms
61ms Script
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5e5d2434-3f7a-4618-a298-1494eb48b8d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame FC09 0
42 B 195ms
64ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6646416&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
content-length: 0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame E862
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEA6iufqJUPa0jOnBwc3g3ew&google_cver=1

43 B
315 B

72ms
72ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEA6iufqJUPa0jOnBwc3g3ew&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 10 Aug 2021 17:20:36 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEA6iufqJUPa0jOnBwc3g3ew&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E862
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRK1ZJUeEe7n4-qlsS9xMAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtsEXTOAGuqps6IR75_Oyo&google_cver=1

43 B
1 KB

74ms
74ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtsEXTOAGuqps6IR75_Oyo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 Aug 2021 17:20:36 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtsEXTOAGuqps6IR75_Oyo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E862
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB&dcc=t

43 B
645 B

138ms
138ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QX7EWWDCA1MP5G1WHKDS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WH6KW6VHQ95XJPS1X32Z
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E862 70 B
264 B 202ms
67ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YRK1ZJUeEe7n4-qlsS9xMAAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E862
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qQE3RP0FMEKyBWUS-wkrRvpUMUKyB2BDqwWS8wvv

43 B
1013 B

212ms
75ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qQE3RP0FMEKyBWUS-wkrRvpUMUKyB2BDqwWS8wvv
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 Aug 2021 17:20:36 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qQE3RP0FMEKyBWUS-wkrRvpUMUKyB2BDqwWS8wvv
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame E862 0
0 36ms
18ms Image
text/html 2606:4700:3039::6815:c029
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c029 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame E862 35 B
380 B 542ms
135ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Tue, 10 Aug 2021 17:19:39 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame E862
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

70ms
70ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 10 Aug 2021 17:20:36 GMT

Redirect headers

date: Tue, 10 Aug 2021 17:20:36 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 setuid
sync.quantumdex.io/ Frame E862 43 B
325 B 139ms
138ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YRK1ZJUeEe7n4_qlsS9xMAAABGUAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:20:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJqkkTYSqZdtITwCBNK9YqbiWwnFAhquJvXlHomSUL%2FPIF2qMZvMND6YR6cOe2BWPI2gZ471EWTQrD55had0s45HweM%2FnWhhm6FFE5EsQpq725EkZLBPFNSkReD10FlTSu8zve5z6t6uH5NYQPbm8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 67cae5534a832c32-FRA
content-length: 43

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 5853
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKgVHghnxMrTZSZSJE2VPvE&google_cver=1

43 B
315 B

70ms
70ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKgVHghnxMrTZSZSJE2VPvE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 10 Aug 2021 17:20:36 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKgVHghnxMrTZSZSJE2VPvE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5853 70 B
265 B 133ms
63ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YRK1ZJUeEe7n4-qlsS9xNQAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5853
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB&dcc=t

43 B
645 B

139ms
138ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 69G3F0J1H3F06VWPS7MT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FTH29VKWS6DJ6N2CFC78
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5853
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YRK1ZJUeEe7n4-qlsS9xNQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtsEXTOAGuqps6IR75_Oyo&google_cver=1

43 B
1001 B

72ms
72ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtsEXTOAGuqps6IR75_Oyo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 Aug 2021 17:20:36 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELtsEXTOAGuqps6IR75_Oyo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5853
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8e6755b4-e2b1-4584-afd0-ce56ff576fe8

43 B
1 KB

77ms
77ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8e6755b4-e2b1-4584-afd0-ce56ff576fe8
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 Aug 2021 17:20:37 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-8e6755b4-e2b1-4584-afd0-ce56ff576fe8
date: Tue, 10 Aug 2021 17:20:37 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame 5853 0
234 B 51ms
50ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YRK1ZJUeEe7n4_qlsS9xNQAABGUAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 17:20:36 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

tpid=YRK1ZJUeEe7n4-qlsS9xNQAA%261125
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 5853
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YRK1ZJUeEe7n4-qlsS9xNQAA%261125?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRK1ZJUeEe7n4-qlsS9xNQAA%261125?gdpr_consent=&us_privacy=&gdpr=1

49 B
738 B

78ms
78ms

Image
image/gif

52.30.14.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRK1ZJUeEe7n4-qlsS9xNQAA%261125?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:36 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.164
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:36 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YRK1ZJUeEe7n4-qlsS9xNQAA%261125?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.8.170
content-length: 0
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5853
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JA0asRErS4pwNbHrilKhOcJjaWM
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JA0asRErS4pwNbHrilKhOcJjaWM&C=1

43 B
1014 B

315ms
315ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JA0asRErS4pwNbHrilKhOcJjaWM&C=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 Aug 2021 17:20:37 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=JA0asRErS4pwNbHrilKhOcJjaWM&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 291
Expires: Tue, 10 Aug 2021 17:20:37 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5853 43 B
425 B 65ms
64ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YRK1ZJUeEe7n4-qlsS9xNQAA%261125
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 17:20:36 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2949
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 Aug 2021 18:09:45 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EC7A 0
731 B 60ms
60ms Script
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 17:20:37 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6d61cdf2-5e1c-4eb2-bc08-7f976dc4970e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
148 B 53ms
53ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=914903959&page-url=https%3A%2F%2Fask.fm%2Fsodatramp7205&rn=80356160&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1628616038%3Aw%3A1600x1200%3Av%3A611%3Az%3A120%3Ai%3A202108010192037%3Au%3A16286160291013365627%3Avf%3A12vwkywz4p6qw9gg56%3Awe%3A1%3Ati%3A2%3Ast%3A1628616038

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 17:20:37 GMT
last-modified: Tue, 10-Aug-2021 17:20:37 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 17:20:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.connectad.io
URL: https://i.connectad.io/api/v2

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ask.fm/	1970-01-19 20:24:48	Name: _ym_isad Value: 2
.ask.fm/	1970-01-20 05:09:12	Name: _ym_d Value: 1628616029
.ask.fm/	1970-01-20 05:09:12	Name: _ym_uid Value: 16286160291013365627
ask.fm/	1970-01-19 20:27:55	Name: _m_ask_fm_session Value: SUw1MkNrU1k3emljL012YUcxQmFTRTZqVnpjZ3B4UlJCOVlFUjFsQnJlQ1VKSDhDcHBWZlo4dVB5Q3FwVnA5QlZrSjB4amN4Z0pQNzRFekJ1ODR3WXBjTSt3QWlIR1lIZUF4T0pNR0Q4QUpHNndGWnhMSzFWYWlYNVAxRm9XcG9VUXdSRzdsSlNBek15cXBuY3JVT2lLWVRwdHJENWh3SE9sTk1TdW5nYUtBVU4zTERXQThOaGFOak9laThPSDZjYjFjK3pYSHc5Q1pDd2xGeEw1MmRHNlFQbGM2VUhiaWMyZERWLzE3NWxZUFJTb0VERkN6dEptL29ZYmE4c254di0tbEx6emJ5UmR1ZFJ4SDJpSFZLTGxHQT09--8df1bb9fddb31e7b02daaf54716220f79880db74
ask.fm/	1970-01-20 05:09:33	Name: country Value: PL
ask.fm/	1970-01-20 05:09:33	Name: uuid Value: 3b152cf8-f6a0-497b-a59f-7a9f032a0d64
ask.fm/	1970-01-19 20:26:28	Name: traffic_source Value: organic
ask.fm/	1970-01-20 05:09:33	Name: locale Value: en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad4m.at
ads.pubmatic.com
adx.adform.net
ap.lijit.com
ask.fm
bcp.crwdcntrl.net
bttrack.com
cdn.connectad.io
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.optad360.io
connect.facebook.net
d3r6ceqp4shltl.cloudfront.net
dsum-sec.casalemedia.com
get.optad360.io
gu.dyntrk.com
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
ms.quantumdex.io
mug.criteo.com
nep.advangelists.com
onetag-sys.com
pixel.advertising.com
pixel.quantserve.com
prebid.a-mo.net
s.amazon-adsystem.com
serving.stat-rock.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync.go.sonobi.com
sync.quantumdex.io
sync.srv.stackadapt.com
ups.analytics.yahoo.com
useast.quantumdex.io
www.facebook.com
www.googletagmanager.com
i.connectad.io
142.250.186.66
147.75.38.124
178.162.133.149
178.250.2.146
18.156.0.31
18.197.99.6
185.33.221.52
185.64.190.78
185.64.190.80
192.132.33.46
193.138.77.141
2.18.232.130
2.18.233.180
2.18.234.21
209.54.177.54
23.37.38.181
2600:9000:206f:b000:11:a4de:2580:93a1
2600:9000:206f:de00:6:b871:4f00:93a1
2600:9000:211e:2800:11:3771:2e40:21
2606:4700:10::ac43:8ae
2606:4700:20::681a:34e
2606:4700:3039::6815:c029
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:82b::2008
2a02:2638::1c
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:3::485
34.193.59.132
35.158.223.21
37.157.3.30
51.178.20.140
51.89.9.251
52.30.14.23
54.36.109.48
54.81.207.173
72.251.249.13
76.223.111.131
78.140.185.30
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127a25e00c62576b1015f9f8f77d4b21eec8c564716ab244502d5709772408c5
1f1dc8878083c7176cdb99243679b9dada7335245dff0c7e383628ba1c1922c2
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08
393b0ad88002a772a8bdec29bba4bb36183c0d03400b2c42c233df1069a7d8d7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
51e662bb2878b0ad5af6bbf2d282b777eb7e846db726449e36fc090f2596fcf6
53e34fa4ae9549328be54ae9227a7f9a3603a0262b3fa8c16565c42c6e9acdf0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
720d861e77aec34b224c189692043256bb16da50b71ded97fd3320fae1d94cc7
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
8712bc705f2836ea4b8488d910fd4083ac54b78618b361564ce6115313b2bf6b
89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91bda5e2d381a6cf32cae9ff35027dd135e620acccfc1873295285f436e58808
953d800488e5cd554eeed1f202d24203f31a4e753c5e354bd974ac993963f524
9694ab03ee152ae51c0ba5b45fb7d5280ffa26e30f723eef5d298315fff81a19
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b0d93a04f1381949ac35ea8bceca9f4fee9a93699a061ea2a0f30431dd7a9dae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b38e030a155a32549edddf77461271013b2d1c436f823caf3976edccfebcbdb7
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399
c29f91117e4b90d65c6c7bfc3a6df275164842a46db0eebbc7828b03582fec7f
cda44c81baaa0b34430e67c5bc3c6c9c4a4e200c83db9486a2bd1672298f8ef9
d2c3f1c6806615f5e438503a170eda120bb7538e4488624d0f803e3fdf2153cb
d2ce0a478185596655ba4584d67729e8ef05ae90348d8dcc82a7e2efd1332f43
dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4414ee5c8e92de5370206111f31b864df4b804c70aeffdf7d548b07f6019744
f56ad273e0204eb8d21346d7116686e717353c0864546a4e66a72b581e594a75
f859a5ffa2d34673306ae06cdbf9e96cc4d763cc670c5d6c53c29d95bd06f943

ask.fm Open in urlscan Pro 193.138.77.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

99 %HTTPS

33 %IPv6

36 Domains

47 Subdomains

32 IPs

10 Countries

1150 kBTransfer

2273 kBSize

8 Cookies

11 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

ask.fm Open in urlscan Pro
193.138.77.141 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

99 %
HTTPS

33 %
IPv6

36
Domains

47
Subdomains

32
IPs

10
Countries

1150 kB
Transfer

2273 kB
Size

8
Cookies

92 HTTP transactions
1 data transactions