users.wefindfreedom.shop Open in urlscan Pro
178.32.225.161 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://users.wefindfreedom.shop/
Submission: On April 06 via automatic, source certstream-suspicious (April 6th 2023, 1:07:22 pm UTC) — Scanned from FR

Summary HTTP 150 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 44 domains to perform 150 HTTP transactions. The main IP is 178.32.225.161, located in France and belongs to OVH, FR. The main domain is users.wefindfreedom.shop.
TLS certificate: Issued by R3 on April 6th 2023. Valid for: 3 months.

This is the only time users.wefindfreedom.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	178.32.225.161 178.32.225.161	16276 (OVH) (OVH)
41	151.101.2.114 151.101.2.114	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223d:9c00:16:4f4c:d340:21	16509 (AMAZON-02) (AMAZON-02)
1	23.2.211.147 23.2.211.147	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	52.222.247.205 52.222.247.205	16509 (AMAZON-02) (AMAZON-02)
2	213.19.147.43 213.19.147.43	3356 (LEVEL3) (LEVEL3)
2	2603:c020:400... 2603:c020:400d:3000:f50:982a:7877:65bd	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	3.121.0.176 3.121.0.176	16509 (AMAZON-02) (AMAZON-02)
1 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
1	81.17.55.113 81.17.55.113	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	198.148.27.134 198.148.27.134	19189 (PULSEPOINT) (PULSEPOINT)
1	69.166.1.9 69.166.1.9	27630 (AS-XFERNET) (AS-XFERNET)
1	52.51.163.12 52.51.163.12	16509 (AMAZON-02) (AMAZON-02)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.66.151.117 3.66.151.117	16509 (AMAZON-02) (AMAZON-02)
1	3.64.122.52 3.64.122.52	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.185.81.93 18.185.81.93	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
6	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	3.126.10.14 3.126.10.14	16509 (AMAZON-02) (AMAZON-02)
2	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	() ()
1	23.35.236.201 23.35.236.201	() ()
1	2606:2800:233... 2606:2800:233:f76:14f7:d635:25c4:c8d7	() ()
1	13.248.245.213 13.248.245.213	() ()
2	104.126.125.209 104.126.125.209	() ()
1	151.101.65.108 151.101.65.108	() ()
1	198.148.27.139 198.148.27.139	() ()
1	104.18.10.47 104.18.10.47	() ()
1 2	185.80.39.216 185.80.39.216	() ()
1	198.47.127.19 198.47.127.19	() ()
1	34.252.10.35 34.252.10.35	() ()
1	35.204.74.118 35.204.74.118	() ()
150	53

3 178.32.225.161 (France)

ASN16276 (OVH, FR)
PTR: ip161.ip-178-32-225.eu

users.wefindfreedom.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 151.101.2.114 (United States)

ASN54113 (FASTLY, US)

www.ask.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
parallax.askmediagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:9c00:16:4f4c:d340:21 (United States)

ASN16509 (AMAZON-02, US)

ds8tuylnjknkd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.2.211.147 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-211-147.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.247.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-247-205.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.43 (Castricum, Netherlands)

ASN3356 (LEVEL3, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

askmedia.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.0.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-0-176.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.9 (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.163.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-163-12.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.151.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-151-117.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.122.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-122-52.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

ask-media-group-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.81.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-81-93.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f57eb95add9c67446aeb61da9559c3da.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.10.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-10-14.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:f76:14f7:d635:25c4:c8d7 (None, )

ASN- ()

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.125.209 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (None, )

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (None, ) 1 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.10.35 (None, )

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	ask.com www.ask.com — Cisco Umbrella Rank: 27041	840 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 f57eb95add9c67446aeb61da9559c3da.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	40 KB
8	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 3210 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 987 fastlane.rubiconproject.com — Cisco Umbrella Rank: 498 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2977 eus.rubiconproject.com token.rubiconproject.com Failed pixel.rubiconproject.com Failed	163 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 748 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com	8 KB
4	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com	20 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 cm.g.doubleclick.net Failed	125 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 309 aax.amazon-adsystem.com — Cisco Umbrella Rank: 412 s.amazon-adsystem.com Failed aax-eu.amazon-adsystem.com Failed	59 KB
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 500 ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com Failed image2.pubmatic.com Failed	9 KB
3	casalemedia.com 1 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 526 ssum-sec.casalemedia.com dsum-sec.casalemedia.com Failed	4 KB
3	technoratimedia.com askmedia.technoratimedia.com — Cisco Umbrella Rank: 241216 ad-cdn.technoratimedia.com	8 KB
3	wefindfreedom.shop users.wefindfreedom.shop	21 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 670	58 KB
2	askmediagroup.com parallax.askmediagroup.com — Cisco Umbrella Rank: 213324	87 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	openx.net ask-media-group-d.openx.net — Cisco Umbrella Rank: 210601 u.openx.net	475 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 541 eb2.3lift.com	668 B
2	contextweb.com bid.contextweb.com — Cisco Umbrella Rank: 2700 bh.contextweb.com	1 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 886	172 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	139 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1372	104 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2973 pixel.wp.com — Cisco Umbrella Rank: 2697	3 KB
1	simpli.fi um.simpli.fi	612 B
1	crwdcntrl.net sync.crwdcntrl.net
1	indexww.com js-sec.indexww.com cdn.indexww.com Failed	2 KB
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 32237	531 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1399	396 B
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1123	164 B
1	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 978 x.bidswitch.net Failed	246 B
1	smaato.net prebid.ad.smaato.net — Cisco Umbrella Rank: 5221	333 B
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 1738	902 B
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1664	566 B
1	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3075 casale-match.dotomi.com Failed	155 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	26 KB
1	cloudfront.net ds8tuylnjknkd.cloudfront.net	44 KB
0	rfihub.com Failed p.rfihub.com Failed
0	brand-display.com Failed dmp.brand-display.com Failed
0	yahoo.com Failed ups.analytics.yahoo.com Failed
0	adsrvr.org Failed match.adsrvr.org Failed
0	adform.net Failed c1.adform.net Failed
0	audrte.com Failed a.audrte.com Failed
0	weborama.fr Failed cr.frontend.weborama.fr Failed
0	quantserve.com Failed cms.quantserve.com Failed
0	de17a.com Failed d5p.de17a.com Failed
150	44

	Domain	Requested by
39	www.ask.com	users.wefindfreedom.shop www.ask.com
6	www.google-analytics.com	ds8tuylnjknkd.cloudfront.net users.wefindfreedom.shop
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tpc.googlesyndication.com	ds8tuylnjknkd.cloudfront.net
3	ib.adnxs.com	1 redirects micro.rubiconproject.com acdn.adnxs.com
3	securepubads.g.doubleclick.net	ds8tuylnjknkd.cloudfront.net www.googletagservices.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	users.wefindfreedom.shop c.amazon-adsystem.com
3	users.wefindfreedom.shop	users.wefindfreedom.shop www.ask.com
2	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com
2	eus.rubiconproject.com	ds8tuylnjknkd.cloudfront.net eus.rubiconproject.com
2	gum.criteo.com	1 redirects ds8tuylnjknkd.cloudfront.net
2	static.criteo.net	ds8tuylnjknkd.cloudfront.net static.criteo.net
2	parallax.askmediagroup.com	www.ask.com
2	prebid-a.rubiconproject.com	micro.rubiconproject.com
2	prebid-server.rubiconproject.com	micro.rubiconproject.com
2	askmedia.technoratimedia.com	micro.rubiconproject.com
2	targeting.unrulymedia.com	micro.rubiconproject.com
2	www.googletagmanager.com	ds8tuylnjknkd.cloudfront.net
2	i.clean.gg	ds8tuylnjknkd.cloudfront.net
1	um.simpli.fi	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	js-sec.indexww.com	ds8tuylnjknkd.cloudfront.net
1	bh.contextweb.com	ds8tuylnjknkd.cloudfront.net
1	acdn.adnxs.com	ds8tuylnjknkd.cloudfront.net
1	u.openx.net	ds8tuylnjknkd.cloudfront.net
1	eb2.3lift.com	ds8tuylnjknkd.cloudfront.net
1	ad-cdn.technoratimedia.com	ds8tuylnjknkd.cloudfront.net
1	ads.pubmatic.com	ds8tuylnjknkd.cloudfront.net
1	mug.criteo.com
1	www.google.com	ds8tuylnjknkd.cloudfront.net
1	f57eb95add9c67446aeb61da9559c3da.safeframe.googlesyndication.com	ds8tuylnjknkd.cloudfront.net
1	adservice.google.com	ds8tuylnjknkd.cloudfront.net
1	adservice.google.fr	ds8tuylnjknkd.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.wp.com	users.wefindfreedom.shop
1	fastlane.rubiconproject.com	micro.rubiconproject.com
1	a.teads.tv	micro.rubiconproject.com
1	btlr.sharethrough.com	micro.rubiconproject.com
1	hbopenbid.pubmatic.com	micro.rubiconproject.com
1	ask-media-group-d.openx.net	micro.rubiconproject.com
1	grid.bidswitch.net	micro.rubiconproject.com
1	tlx.3lift.com	micro.rubiconproject.com
1	htlb.casalemedia.com	micro.rubiconproject.com
1	prebid.ad.smaato.net	micro.rubiconproject.com
1	apex.go.sonobi.com	micro.rubiconproject.com
1	bid.contextweb.com	micro.rubiconproject.com
1	prg.smartadserver.com	micro.rubiconproject.com
1	bidder.criteo.com	micro.rubiconproject.com
1	web.hb.ad.cpe.dotomi.com	micro.rubiconproject.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	stats.wp.com	users.wefindfreedom.shop
1	www.googletagservices.com	users.wefindfreedom.shop
1	micro.rubiconproject.com	users.wefindfreedom.shop
1	ds8tuylnjknkd.cloudfront.net	users.wefindfreedom.shop
0	cdn.indexww.com Failed	ssum-sec.casalemedia.com
0	p.rfihub.com Failed	ssum-sec.casalemedia.com
0	dmp.brand-display.com Failed	ssum-sec.casalemedia.com
0	casale-match.dotomi.com Failed	ssum-sec.casalemedia.com
0	ups.analytics.yahoo.com Failed	ssum-sec.casalemedia.com
0	dsum-sec.casalemedia.com Failed	ssum-sec.casalemedia.com
0	pixel.rubiconproject.com Failed
0	aax-eu.amazon-adsystem.com Failed
0	s.amazon-adsystem.com Failed	ssum-sec.casalemedia.com
0	token.rubiconproject.com Failed
0	match.adsrvr.org Failed	ads.pubmatic.com ssum-sec.casalemedia.com
0	c1.adform.net Failed	ads.pubmatic.com
0	image2.pubmatic.com Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
0	cr.frontend.weborama.fr Failed	ads.pubmatic.com
0	cm.g.doubleclick.net Failed	ads.pubmatic.com ssum-sec.casalemedia.com
0	cms.quantserve.com Failed	ads.pubmatic.com
0	simage2.pubmatic.com Failed	ads.pubmatic.com
0	d5p.de17a.com Failed	ads.pubmatic.com
0	x.bidswitch.net Failed
150	75

This site contains links to these domains. Also see Links.

Domain
www.ask.com
www.askmoney.com
www.thehealthfeed.com
www.reference.com
www.consumersearch.com
www.bloglines.com
www.facebook.com
twitter.com
www.instagram.com
help.askmediagroup.com

Subject Issuer	Validity	Valid
users.wefindfreedom.shop R3	`2023-04-06` - `2023-07-05`	3 months	crt.sh
*.about.ask.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-16` - `2024-01-17`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2023-03-27` - `2023-06-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-05-31` - `2023-07-02`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-05-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
smaato.net Sectigo ECC Domain Validation Secure Server CA	`2022-09-19` - `2023-09-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://users.wefindfreedom.shop/
Frame ID: 764099233C531F109AF4AFD3ED05B3BC
Requests: 94 HTTP requests in this frame

Frame: https://f57eb95add9c67446aeb61da9559c3da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9E34B46525586864652BDDAB79F53CA3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B73A67C20615492B528574BFE212FBE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DFDD758F92B0170206F6AE78B2C83F2
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=users.wefindfreedom.shop
Frame ID: E447620E5BCA08BAF358A0D8690CFA2F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161291
Frame ID: 5027688DBE017F62DBD8AC1713BE59BC
Requests: 11 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.31.0-PPI
Frame ID: 1FA47C3436BACED951DBBE8F59BBBEF2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: CEDEE0AF49DE16AE03C3CC85CDF3952A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 20BC4C10EFAC7923E609D6E1BF33B6DD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DC5AC469BDB77816F64C0B9C94B7BAD6
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0FACB51500B1A505AB4A81FC2B910DE5
Requests: 2 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 16BD21172BA6DF68073CAD914202569B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 15761D8402AB770B42D3FDB34F93249E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fusers.wefindfreedom.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6F43EFE4B2D205F07A969C5384C2268B
Requests: 10 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: CCF41C5D23D9B8A9F0EC309CA9CE24F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:71d3642e-c40a-4100-9986-d7b713b1ca16&gdpr=0&gdpr_consent=
Frame ID: 7BD1DD18FF07A4502AEC19CD50FED6DA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 86B08A5275CA79786CED4ADE1BA3C09D
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: 577E8C167118493A6FCC56ACC8ED4E66
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7058026853928816852&gdpr=0&gdpr_consent=
Frame ID: F09B5136C5B80213AB1E0381F17D093A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ask.com - What's Your Question?

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

150
Requests

78 %
HTTPS

37 %
IPv6

44
Domains

75
Subdomains

53
IPs

9
Countries

1595 kB
Transfer

3651 kB
Size

18
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ask.com/
Title: Site Logo

Search URL Search Domain Scan URL

URL: https://www.ask.com/tv-movies?qo=tv-movies
Title: TV & Movies

Search URL Search Domain Scan URL

URL: https://www.ask.com/tv-movies/awards-season?qo=awards-season
Title: Awards Season

Search URL Search Domain Scan URL

URL: https://www.ask.com/tv-movies/reviews?qo=reviews
Title: Reviews

Search URL Search Domain Scan URL

URL: https://www.ask.com/tv-movies/spotlight?qo=spotlight
Title: Spotlight

Search URL Search Domain Scan URL

URL: https://www.ask.com/tv-movies/streaming?qo=streaming
Title: Streaming

Search URL Search Domain Scan URL

URL: https://www.ask.com/news?qo=news
Title: News

Search URL Search Domain Scan URL

URL: https://www.ask.com/news/big-stories?qo=big-stories
Title: Big Stories

Search URL Search Domain Scan URL

URL: https://www.ask.com/news/tech-talk?qo=tech-talk
Title: Tech Talk

Search URL Search Domain Scan URL

URL: https://www.ask.com/news/trending?qo=trending
Title: Trending

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture?qo=culture
Title: Culture

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/books?qo=books
Title: Books

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/music?qo=music
Title: Music

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/pop-culture?qo=pop-culture
Title: Pop Culture

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/video-games?qo=video-games
Title: Video Games

Search URL Search Domain Scan URL

URL: https://www.ask.com/lifestyle?qo=lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.ask.com/lifestyle/celebrities?qo=celebrities
Title: Celebrities

Search URL Search Domain Scan URL

URL: https://www.ask.com/lifestyle/roundups?qo=roundups
Title: Roundups

Search URL Search Domain Scan URL

URL: https://www.ask.com/lifestyle/sports?qo=sports
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.ask.com/lifestyle/travel?qo=travel
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.askmoney.com/

Search URL Search Domain Scan URL

URL: https://www.thehealthfeed.com/

Search URL Search Domain Scan URL

URL: https://www.reference.com/

Search URL Search Domain Scan URL

URL: https://www.consumersearch.com/

Search URL Search Domain Scan URL

URL: https://www.ask.com/tv-movies/top-reasons-amazon-prime-video
Title: Image Thumbnail

Search URL Search Domain Scan URL

URL: https://www.bloglines.com/article/the-best-inexpensive-home-security-systems
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.ask.com%2F%23questions_of_day
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Which%20of%20these%20is%20a%20top%20home%20security%20company?&url=https%3A%2F%2Fwww.ask.com%2F%23questions_of_day
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.ask.com/lifestyle/hollywood-marriages-that-actually-lasted
Title: Lifestyle Longtime Lovebirds: 14 Inspiring Hollywood Relationships

Search URL Search Domain Scan URL

URL: https://www.ask.com/lifestyle/nfl-football-podcasts
Title: Lifestyle 8 NFL Podcasts for Football Fans

Search URL Search Domain Scan URL

URL: https://www.ask.com/tv-movies/best-documentaries-of-2022

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/best-podcasts-of-2022

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/must-play-survival-horror-games

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/best-e-reader-of-2022

Search URL Search Domain Scan URL

URL: https://www.ask.com/tv-movies/tegan-and-sara-high-school-review

Search URL Search Domain Scan URL

URL: https://www.ask.com/news/headspace-app-explainer

Search URL Search Domain Scan URL

URL: https://www.ask.com/tv-movies/films-capture-hispanic-american-experiences

Search URL Search Domain Scan URL

URL: https://www.ask.com/tv-movies/shows-that-depict-mental-illness-well

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/groundhog-day-history
Title: Culture What Is Groundhog Day — and Why Do We Care?

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/black-novelists-poets-must-read-works-shaped-literature
Title: Culture Contemporary Black Writers Whose Must-Read Works Are Shaping Today’s Literary Landscape

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/hello-im-johnny-cash-facts-about-the-man-in-black
Title: Culture “Hello, I’m Johnny Cash”: Facts About the Man In Black

Search URL Search Domain Scan URL

URL: https://www.ask.com/news/will-puerto-rico-become-a-state
Title: News Will Puerto Rico Become A State?

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/the-most-anticipated-albums-of-2023-so-far
Title: Culture The Most Anticipated Albums of 2023 – So Far

Search URL Search Domain Scan URL

URL: https://www.ask.com/lifestyle/how-can-i-watch-super-bowl-lvii
Title: Lifestyle How Can I Watch Super Bowl LVII?

Search URL Search Domain Scan URL

URL: https://www.ask.com/culture/weird-nft-crypto-moments
Title: Culture Blockchain Cities and Forbidden Cubes: 6 Times Crypto and NFTs Got Really, Really Weird

Search URL Search Domain Scan URL

URL: https://www.ask.com/lifestyle/photos-new-york
Title: Lifestyle Photographs of New York: Transport Yourself to the Big Apple in 10 Snapshots

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Askdotcom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/AskDotCom
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/askdotcom/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.ask.com/about?qo=footerLinks
Title: About

Search URL Search Domain Scan URL

URL: https://help.askmediagroup.com/hc/en-us?domain=users.wefindfreedom.shop&u=1598447398.1680786436
Title: Help

Search URL Search Domain Scan URL

URL: https://www.ask.com/privacy?qo=footerLinks
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ask.com/terms?qo=footerLinks
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://gum.criteo.com/sid/json?origin=publishertag&domain=wefindfreedom.shop&sn=ChromeSyncframe&so=0&topUrl=users.wefindfreedom.shop&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=aHryh3wyM3BBZnBvNzlnVnRYNVAwTEJKQnNXM05LdElyUXBoK25ZbTkyUDU4eU9zeS9QbnJ1NytBeWIwc1JmVHlWa3VaY0QwejVWWDRNMys0UHczZjU4bFVvdjRyMkRhbkg5NWRhNGZKTStUOUVidkxrZTVJd05HYi9PdXNyVDZjL0VFZ3IrWlpya0R0eW1SekxrSlhwSlVaYWtJNDU0MlJNYjU5ZGVQTVA1UzkyVmp4M1REYXQ4SXVOV0grcU1oVlRIdzRLMWhJbzE0OUIyQjRDVDVVSW5Kbms2dnBJUmNxSHhFRUJPODBpbDFYaDN4aDhrWFJKbEhyUmlvTFhiS1g5UXNHWldUWi9CdWFyNWtzQzdUZFNlaU5MZFg4RitYcVNOclorRXpTMTNnTTJ6bz18&cppv=2

Request Chain 113

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dthemediagrid%26bsw_param%3D4242bcaa-d57b-4c04-9dd6-a217c54dd656&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=7f8b642e-c40a-4f00-82ff-ba86bc1572c0&expires=30&ssp=themediagrid&bsw_param=4242bcaa-d57b-4c04-9dd6-a217c54dd656&gdpr=&gdpr_consent=

Request Chain 114

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 116

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fusers.wefindfreedom.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fusers.wefindfreedom.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 119

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:71d3642e-c40a-4100-9986-d7b713b1ca16&gdpr=0&gdpr_consent=

Request Chain 120

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 122

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7058026853928816852&gdpr=0&gdpr_consent=

Request Chain 125

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3496521552

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MENCNERGNzctMEI4My00MUQwLTlDMjAtREVGOERFMDM1QjQ3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENP8YY5uV18b4cHryMAyL5M&google_cver=1

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE9lZ7-bHZvsKBp7mEHOdbc&google_cver=1

150 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
users.wefindfreedom.shop/ 95 KB
21 KB 251ms
183ms Document
text/html 178.32.225.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.32.225.161 , France, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-178-32-225.eu

Software

nginx/1.22.1 /

Resource Hash

89939cc6d812a358c0c8f29c0306e6ae0fb5567e4ccb61ca56e24a7065dd94ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 629
cache-control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 20081
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=UTF-8
date: Thu, 06 Apr 2023 13:07:14 GMT
expires: Sat, 08 Oct 2022 12:22:31 GMT
fastly-restarts: 1
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.ask.com/wp-json/>; rel="https://api.w.org/" <https://www.ask.com/wp-json/wp/v2/pages/150197>; rel="alternate"; type="application/json" <https://www.ask.com/>; rel=shortlink
pragma: no-cache
rtss: 2-13-161
server: nginx/1.22.1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: hit, MISS
x-cache-hits: 0
x-frame-options: DENY
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-rq: lhr4
x-served-by: cache-cdg20787-CDG

GET
H2 200 /
www.ask.com/_static/ 108 KB
16 KB 212ms
141ms Stylesheet
text/css 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/_static/??-eJyNjkEKwjAQRS9kOg2CrYviWaaTQadOYsmkSG5vXAgVXLh8/Pfgw3N1kki3wAZkBkGswKwPujuVOWOuYKUqd1FS14QD7IvFIHIQZOXIqXzBqlg5O+UrUv0vb9uef0fvl6RoJuTKrYn28S5x8qexH47en4cXQjdQlw==

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

521456997880d55855fed0fce6e1110f9b5f4c911bab32f33b559eb253cfb8ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:14 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 54410
x-cache: hit, MISS
rtss: 2-13-18
fastly-restarts: 1
content-length: 15610
x-served-by: cache-cdg20788-CDG
x-rq: lhr4
last-modified: Wed, 05 Apr 2023 21:46:37 GMT
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.ask.com/_static/ 218 KB
37 KB 192ms
121ms Stylesheet
text/css 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d92391651c0491a811ca6e8ce8d073ca50a58c2fbdeff42cac9375cc2d95f140

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:14 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 54410
x-cache: hit, MISS
rtss: 2-13-161
fastly-restarts: 1
content-length: 37409
x-served-by: cache-cdg20788-CDG
x-rq: lhr4
last-modified: Wed, 05 Apr 2023 21:39:03 GMT
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 script.js Show response
ds8tuylnjknkd.cloudfront.net/ 124 KB
44 KB 120ms
32ms Script
application/javascript 2600:9000:223d:9c00:16:4f4c:d340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1
Requested by: Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:9c00:16:4f4c:d340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab380aa38b1c733a369cc7d12f8443ad80831cb683cc362a8dbc340700fd6f87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: A4sgllEe5EX1z3fxB7Ut115JDEmoPBrv
content-encoding: gzip
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
date: Thu, 06 Apr 2023 13:02:43 GMT
last-modified: Thu, 06 Apr 2023 10:35:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 271
x-amz-server-side-encryption: AES256
etag: W/"93fe7fc52aee87f85fa90e5142412bb1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: _vsS376XG2i56OnwsgrCvLqPMd1I9T4yXPel3WLhDObKV60EqjMtqQ==

GET
H2 200 / Show response
www.ask.com/_static/ 112 KB
38 KB 194ms
124ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/_static/??-eJx9jMEKwkAMRH/INC6C1YP4LaGGkKWJ62bX0r+3qAdPwsCD4c3gUkB9mvuNA/OWR+e6fjGY+pBjh/8kMJVKjX/l6e6NvWGZu6gHGkXjCmQCnwopgtv7rJAwPJUXENr2V7uk42k/HlI6j/kFvFY6GQ==

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21cccc8fea94a86c191cd41060d5b6d9302821b7c3dcb5bc14792288bac2b258

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:14 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 54410
x-cache: hit, MISS
rtss: 2-13-44
fastly-restarts: 1
content-length: 38348
x-served-by: cache-cdg20788-CDG
x-rq: lhr4
last-modified: Wed, 05 Apr 2023 21:46:37 GMT
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 8941.js Show response
micro.rubiconproject.com/prebid/dynamic/ 538 KB
151 KB 111ms
30ms Script
text/javascript 23.2.211.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Requested by: Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.211.147 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-211-147.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cbfb8aee274b4fd8bf965693eb6a94de09b9b7af97aaffa18306535b4d5b8002

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:14 GMT
content-encoding: gzip
last-modified: Thu, 19 Jan 2023 21:39:37 GMT
server: Apache
vary: accept-encoding, referer
edge-cache-tag: prod-prebid-8941_US_CA_Group1.js
content-type: text/javascript
cache-control: public, must-revalidate, max-age=14400
content-length: 153790
expires: Fri, 07 Apr 2023 07:32:53 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
26 KB 162ms
70ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js?ver=1.0.0

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dfeec9ed4b15a00f1c737dca0d2f0169a17d8d15609646e67fa4ac26cac967e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25655
x-xss-protection: 0
server: cafe
etag: 818 / 19453 / m202303300101 / config-hash: 10004049301988528966
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 13:07:14 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 224 KB
55 KB 119ms
33ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js?ver=1.0.0
Requested by: Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5056f93d2315caf4c9d3a9c6a47f7b7ecbb29d2544909b9b1f296f6ab17e6b29

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 12:12:17 GMT
content-encoding: gzip
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
last-modified: Wed, 05 Apr 2023 20:18:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3299
x-amz-server-side-encryption: AES256
etag: W/"f3bdba5d8011fb0ade3d89050f53abe7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: TLV21Ym6QnPt7XZse30HJpp8vM6iOKF0kdHKk_yLbGUDwBjeTFGSqQ==

GET
H2 200 site-logo.svg
www.ask.com/wp-content/themes/ask-2022/assets/images/ 8 KB
4 KB 45ms
45ms Image
image/svg+xml 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/themes/ask-2022/assets/images/site-logo.svg

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b3ea9b150cca3644176f60aff78a6f54b41a63a92e05efab7edf99d120fc9a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 190
x-cache: hit, MISS
rtss: 2-13-18
content-length: 3707
x-served-by: cache-cdg20788-CDG
x-rq: lhr4
last-modified: Mon, 13 Mar 2023 13:33:15 GMT
x-timer: S1680786435.491232,VS0,VE19
etag: W/"640f261b-1f2d"
vary: X-Mobile-Class, Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:07:15 GMT

GET
H2 200 ask-money.svg
www.ask.com/wp-content/uploads/sites/3/2022/05/ 14 KB
7 KB 53ms
53ms Image
image/svg+xml 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/05/ask-money.svg

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3f96d9b1f23b1550c3c38e9f8d6022718a25971e3957ac304ac6bde6374ff238

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
x-cache: HIT, MISS
rtss: 2-13-18
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 198 443
last-modified: Wed, 18 May 2022 05:50:39 GMT
x-timer: S1680786436.542901,VS0,VE20
etag: W/"172641ecfd1ba625"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
expires: Thu, 18 May 2023 05:52:28 GMT

GET
H2 200 sf-svg.svg
www.ask.com/wp-content/uploads/sites/3/2022/10/ 4 KB
3 KB 65ms
64ms Image
image/svg+xml 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/10/sf-svg.svg

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d95e5dda15f3aa037c751de4327ec7a0cd7c1b47e20f4cd8c4f72bb606d7d10a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
x-cache: HIT, MISS
rtss: 2-13-18
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 144 443
last-modified: Mon, 31 Oct 2022 06:26:42 GMT
x-timer: S1680786436.608126,VS0,VE22
etag: W/"0981f628d8583b6c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 06:28:38 GMT

GET
H2 200 ref.svg
www.ask.com/wp-content/uploads/sites/3/2022/05/ 16 KB
7 KB 56ms
53ms Image
image/svg+xml 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/05/ref.svg

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b0b827e47592c243203328f1db86de6e25351f3c0bb2f2bfd2fe38d056aff52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
x-cache: HIT, MISS
rtss: 2-13-18
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 196 443
last-modified: Wed, 18 May 2022 05:50:46 GMT
x-timer: S1680786436.675948,VS0,VE20
etag: W/"fb51e9cf943d67b0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
expires: Thu, 18 May 2023 05:52:28 GMT

GET
H2 200 cs.svg
www.ask.com/wp-content/uploads/sites/3/2022/05/ 19 KB
8 KB 52ms
51ms Image
image/svg+xml 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/05/cs.svg

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d567651ab435a32cd8a15341024837915c6b6c6f9939a1a1945e0fc4efea0f61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
x-cache: HIT, MISS
rtss: 2-13-18
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 83 443
last-modified: Wed, 18 May 2022 05:50:43 GMT
x-timer: S1680786436.724270,VS0,VE19
etag: W/"71f336c4870ff8f2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
expires: Thu, 18 May 2023 05:52:28 GMT

GET
H2 200 iStock-1353378923.jpg
www.ask.com/wp-content/uploads/sites/3/2023/02/ 106 KB
106 KB 43ms
42ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2023/02/iStock-1353378923.jpg

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c1f676248bf63bd46503108e517f1151c7aa0653dafe65efd68d351b3c4d4750

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-18
content-length: 108420
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 27 443
last-modified: Fri, 17 Feb 2023 21:05:42 GMT
x-timer: S1680786436.747288,VS0,VE19
etag: "a8e2aed943a7d62b"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:05:42 GMT

GET
H2 200 / Show response
www.ask.com/_static/ 66 KB
17 KB 86ms
86ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/_static/??-eJydj8sKAjEMRX/IGltE6UL8FAlD7KS2mdLEx+c74k4XMm4v5xy4cG9umMRIDFq5JhaFimrUHdbk3hOgKplCVjj3GV5nXcFCsWHHUvDxj1sxCRuddOjcTD8TNlIlnfmLC5sQXobgjRMaT/IL/r52rAe/28cQvd/G/ATcVGoe

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d428ed4d0176fd522f7e70ce795fb03b5e277e027e730dcba39f37be33c2b01e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 77603
x-cache: hit, MISS
rtss: 2-13-18
fastly-restarts: 1
content-length: 16780
x-served-by: cache-cdg20788-CDG
x-rq: lhr4
last-modified: Mon, 20 Mar 2023 05:45:49 GMT
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 e-202314.js Show response
stats.wp.com/ 9 KB
3 KB 122ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202314.js
Requested by: Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT cdg
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 01 Apr 2024 02:43:19 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 103ms
102ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Apr 2023 13:07:15 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 159ms
99ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://users.wefindfreedom.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 06 Apr 2023 13:07:15 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 get-header-variable Show response
www.ask.com/wp-json/amg/v2/ 38 B
1 KB 434ms
388ms XHR
application/json 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/wp-json/amg/v2/get-header-variable

Requested by

Host: www.ask.com
URL: https://www.ask.com/_static/??-eJx9jMEKwkAMRH/INC6C1YP4LaGGkKWJ62bX0r+3qAdPwsCD4c3gUkB9mvuNA/OWR+e6fjGY+pBjh/8kMJVKjX/l6e6NvWGZu6gHGkXjCmQCnwopgtv7rJAwPJUXENr2V7uk42k/HlI6j/kFvFY6GQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

345a17546f92b21289d0c70b850878314163e789e59a735ed878671eb6e4ee57

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 0
x-cache: miss, MISS
rtss: 2-13-164
fastly-restarts: 1
content-length: 58
x-served-by: cache-cdg20754-CDG
pragma: no-cache
x-rq: lhr4
x-frame-options: DENY
allow: GET
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://users.wefindfreedom.shop
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: must-revalidate, proxy-revalidate, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
x-robots-tag: noindex
link: <https://www.ask.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires: Sat, 08 Oct 2022 12:23:57 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/ 397 KB
123 KB 142ms
33ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 06 Apr 2023 11:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6780
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125910
x-xss-protection: 0
server: cafe
etag: 14470834828239977126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Apr 2024 11:14:15 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 46 B
587 B 179ms
72ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=users.wefindfreedom.shop

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d66c9c18626a264294a03e880ab22ed8b172a9c4dc0513271f3540662672b4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45
x-xss-protection: 0
expires: Thu, 06 Apr 2023 13:07:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 292 KB
81 KB 168ms
54ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMFC6W2

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6a414a28c79444c3503197f92a8bf24b9dcd73701d4da8b020b6dba2ca9c728

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82684
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Apr 2023 13:07:15 GMT

GET
H2 200 chevron-thin.svg
www.ask.com/wp-content/themes/ask-2022/assets/images/ 170 B
718 B 84ms
83ms Image
image/svg+xml 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/themes/ask-2022/assets/images/chevron-thin.svg

Requested by

Host: www.ask.com
URL: https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b249948785a88546dfcec58f815c274126c8b2522b705f5aaf0b066c7ce681bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 179
x-cache: hit, MISS
rtss: 2-13-18
content-length: 156
x-served-by: cache-cdg20788-CDG
x-rq: lhr4
last-modified: Mon, 13 Mar 2023 13:33:15 GMT
x-timer: S1680786436.870817,VS0,VE22
etag: "640f261b-aa-gzip"
vary: X-Mobile-Class,Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:07:15 GMT

GET
H2 200 tooltip.svg
www.ask.com/wp-content/themes/ask-2022/assets/images/ 651 B
674 B 84ms
84ms Image
image/svg+xml 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/themes/ask-2022/assets/images/tooltip.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8eaae534598d47473449cbb5fd8d4a91f4c625081e5202da0e15db59b1cac7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 179
x-cache: hit, MISS
rtss: 2-13-44
content-length: 417
x-served-by: cache-cdg20788-CDG
x-rq: lhr4
last-modified: Mon, 13 Mar 2023 13:33:15 GMT
x-timer: S1680786436.871017,VS0,VE24
etag: W/"640f261b-28b"
vary: X-Mobile-Class, Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:07:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
www.ask.com/wp-content/themes/ask-2022/assets/fonts/ 15 KB
16 KB 121ms
119ms Font
application/font-woff2 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/wp-content/themes/ask-2022/assets/fonts/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==
Origin: https://users.wefindfreedom.shop
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 13:07:15 GMT
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 7
x-cache: hit, MISS
rtss: 2-13-68
content-length: 15711
x-served-by: cache-cdg20754-CDG
x-rq: lhr4
last-modified: Mon, 13 Mar 2023 13:33:15 GMT
x-timer: S1680786436.870976,VS0,VE63
etag: W/"640f261b-3d48"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
www.ask.com/wp-content/themes/ask-2022/assets/fonts/ 15 KB
16 KB 78ms
77ms Font
application/font-woff2 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/wp-content/themes/ask-2022/assets/fonts/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==
Origin: https://users.wefindfreedom.shop
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 13:07:15 GMT
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 7
x-cache: hit, MISS
rtss: 2-13-164
content-length: 15743
x-served-by: cache-cdg20754-CDG
x-rq: lhr4
last-modified: Mon, 13 Mar 2023 13:33:15 GMT
x-timer: S1680786436.870967,VS0,VE22
etag: W/"640f261b-3d68"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 RobotoCondensed-Bold.woff2
www.ask.com/wp-content/themes/ask-2022/assets/fonts/ 64 KB
64 KB 128ms
126ms Font
application/font-woff2 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/wp-content/themes/ask-2022/assets/fonts/RobotoCondensed-Bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4c294eb370e855b72fc34c1c8a50001ffe93653542d4d87d47bd8328ceb00558

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==
Origin: https://users.wefindfreedom.shop
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 13:07:15 GMT
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 226
x-cache: hit, MISS
rtss: 2-13-68
content-length: 65614
x-served-by: cache-cdg20754-CDG
x-rq: lhr4
last-modified: Mon, 13 Mar 2023 13:33:15 GMT
x-timer: S1680786436.872486,VS0,VE64
etag: W/"640f261b-100c8"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 subset-Oswald-Regular.woff2
www.ask.com/wp-content/themes/ask-2022/assets/fonts/ 17 KB
17 KB 118ms
117ms Font
application/font-woff2 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/wp-content/themes/ask-2022/assets/fonts/subset-Oswald-Regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

23b645615a0ebe4470f6653f88ab141fe7dfc44f60647797da24673c529c92bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==
Origin: https://users.wefindfreedom.shop
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 13:07:15 GMT
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 226
x-cache: hit, MISS
rtss: 2-13-13
content-length: 17076
x-served-by: cache-cdg20754-CDG
x-rq: lhr4
last-modified: Mon, 13 Mar 2023 13:33:15 GMT
x-timer: S1680786436.872486,VS0,VE61
etag: W/"640f261b-4298"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 subset-Oswald-Medium.woff2
www.ask.com/wp-content/themes/ask-2022/assets/fonts/ 17 KB
17 KB 142ms
141ms Font
application/font-woff2 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/wp-content/themes/ask-2022/assets/fonts/subset-Oswald-Medium.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

638ecb2ff7e389f441b39af208f02d3056b8ff03fd7d3c1de4636cd9d89c6ba6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==
Origin: https://users.wefindfreedom.shop
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 13:07:15 GMT
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 226
x-cache: hit, MISS
rtss: 2-13-68
content-length: 17520
x-served-by: cache-cdg20754-CDG
x-rq: lhr4
last-modified: Mon, 13 Mar 2023 13:33:15 GMT
x-timer: S1680786436.872449,VS0,VE64
etag: W/"640f261b-4454"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
www.ask.com/wp-content/themes/ask-2022/assets/fonts/ 15 KB
16 KB 121ms
121ms Font
application/font-woff2 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/wp-content/themes/ask-2022/assets/fonts/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==
Origin: https://users.wefindfreedom.shop
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 13:07:15 GMT
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 53
x-cache: hit, MISS
rtss: 2-13-68
content-length: 15735
x-served-by: cache-cdg20754-CDG
x-rq: lhr4
last-modified: Mon, 13 Mar 2023 13:33:15 GMT
x-timer: S1680786436.872409,VS0,VE62
etag: W/"640f261b-3d60"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 RobotoCondensed-Medium.woff2
www.ask.com/wp-content/themes/ask-2022/assets/fonts/ 67 KB
68 KB 117ms
117ms Font
application/font-woff2 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ask.com/wp-content/themes/ask-2022/assets/fonts/RobotoCondensed-Medium.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26c0204bbecb256f71fa50a3f0facced7e6d4d76a8af54d2ea72c8617847c990

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://www.ask.com/_static/??-eJyFjlsOgjAQRTfk0AdG9MO4llLHin3QMEOMuxcqJhpN+L33njMj7hlsnxgTixxG1yUShnzEc2fAtdCG3vo5ImQSlr7byzChy6aayo34o4uGGAcw0cEr+rQVww/KV4xYToGWWgviR8DV1ao2jvB+6oacjfWgVHUoxBLMzCke1W4vm1o22/oJ9wxokw==
Origin: https://users.wefindfreedom.shop
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 13:07:15 GMT
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
strict-transport-security: max-age=31536000
age: 214
x-cache: hit, MISS
rtss: 2-13-13
content-length: 68886
x-served-by: cache-cdg20754-CDG
x-rq: lhr4
last-modified: Mon, 13 Mar 2023 13:33:15 GMT
x-timer: S1680786436.872385,VS0,VE63
etag: W/"640f261b-10d90"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
x-frame-options: DENY
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 5fe2920c102df51ad9fe632f5ca0ee93.jpg
www.ask.com/wp-content/uploads/sites/3/2022/03/ 21 KB
22 KB 47ms
43ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/03/5fe2920c102df51ad9fe632f5ca0ee93.jpg

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

def3ef41357c0137f5d9232f002b37d9e13f50c75fcd3ad10f9163ccc975fb89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-161
content-length: 21706
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 86 443
last-modified: Mon, 05 Dec 2022 14:55:27 GMT
x-timer: S1680786436.874047,VS0,VE21
etag: "b513d7b29652510b"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 14:55:27 GMT

GET
H2 200 6afe19ee5fe68d6f8c47174d0a455e49.jpg
www.ask.com/wp-content/uploads/sites/3/2023/02/ 7 KB
7 KB 85ms
80ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2023/02/6afe19ee5fe68d6f8c47174d0a455e49.jpg?resize=150,84

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d15eecb627e39f1e52a9a84582119234114fb09e3c7ae973567bd2df44aa17db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-13
content-length: 7222
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 142 443
last-modified: Thu, 09 Feb 2023 02:21:59 GMT
x-timer: S1680786436.874845,VS0,VE59
etag: "6224ba2558e958fa"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Fri, 09 Feb 2024 02:21:59 GMT

GET
H2 200 AdobeStock_388303295_Editorial_Use_Only.jpeg
www.ask.com/wp-content/uploads/sites/3/2023/02/ 5 KB
6 KB 174ms
169ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2023/02/AdobeStock_388303295_Editorial_Use_Only.jpeg?resize=150,84

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ef218450b346e2c5057382d12df51bb23d9501d28a59cc53b7228c419e01d71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-68
content-length: 5550
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 84 443
last-modified: Tue, 07 Feb 2023 21:59:29 GMT
x-timer: S1680786436.874840,VS0,VE118
etag: "103e045223425649"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 21:59:29 GMT

GET
H2 200 best-docs-2022.png
www.ask.com/wp-content/uploads/sites/3/2022/08/ 40 KB
40 KB 89ms
85ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/08/best-docs-2022.png?resize=269,151

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ecbff4ec6aff5ba6fce2f40b39d8805d7d9acff780f31614adcb29706d936f5d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-13
content-length: 40552
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 140 443
last-modified: Thu, 01 Sep 2022 20:22:26 GMT
x-timer: S1680786436.875152,VS0,VE63
etag: "4bb8f107ab6028bd"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 20:22:26 GMT

GET
H2 200 best-podcasts-2022-feature.png
www.ask.com/wp-content/uploads/sites/3/2022/08/ 37 KB
38 KB 90ms
86ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/08/best-podcasts-2022-feature.png?resize=269,151

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fdf3d3a1e1f97ab95fc14893922fe4f1b792501744f37d6dd6c14e40ebe3b99e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-13
content-length: 38384
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 139 443
last-modified: Mon, 10 Oct 2022 17:41:06 GMT
x-timer: S1680786436.875129,VS0,VE63
etag: "32d600ff1e55f9d1"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 17:41:06 GMT

GET
H2 200 horror-games-feature.png
www.ask.com/wp-content/uploads/sites/3/2022/05/ 46 KB
46 KB 88ms
84ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/05/horror-games-feature.png?resize=269,151

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b15ffa36bf69c1686dc556549e885542f1e6057537380cbc43ad51767c5cf3b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-68
content-length: 46950
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 84 443
last-modified: Wed, 05 Oct 2022 08:04:40 GMT
x-timer: S1680786436.875138,VS0,VE61
etag: "5962057f4b793c7f"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 08:04:40 GMT

GET
H2 200 ereaders-feature.png
www.ask.com/wp-content/uploads/sites/3/2022/09/ 31 KB
31 KB 175ms
171ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/09/ereaders-feature.png?resize=269,151

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

63bc69ccb53e95975bbb50505e31f4fa460a8f9e4ca8457cefaf69293272beec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 31366
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 196 443
last-modified: Thu, 15 Sep 2022 22:07:16 GMT
x-timer: S1680786436.893956,VS0,VE100
etag: "cc979e64e5ee6cb1"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 22:07:16 GMT

GET
H2 200 efe9ba04969e24158f4560d5f9402081.jpg
www.ask.com/wp-content/uploads/sites/3/2022/10/ 15 KB
15 KB 66ms
62ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/10/efe9ba04969e24158f4560d5f9402081.jpg?resize=269,179

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

873de681bf771d021402cd6b7d5aa616786b5c18ef53d0fd881d6999ff333884

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-44
content-length: 15092
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 144 443
last-modified: Tue, 11 Oct 2022 14:55:25 GMT
x-timer: S1680786436.894211,VS0,VE20
etag: "67ee2822afd2d8d8"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 14:55:25 GMT

GET
H2 200 headspace101.png
www.ask.com/wp-content/uploads/sites/3/2022/10/ 25 KB
25 KB 174ms
170ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/10/headspace101.png?resize=269,151

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f098489519769f020fe8faeb92a626ac3b18d99168bc7862fc4093983d0c32c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 25526
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 139 443
last-modified: Thu, 13 Oct 2022 07:17:29 GMT
x-timer: S1680786436.892791,VS0,VE101
etag: "fdbc821f807f69c2"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Fri, 13 Oct 2023 07:17:29 GMT

GET
H2 200 HispanicHeritageMonth.png
www.ask.com/wp-content/uploads/sites/3/2022/09/ 38 KB
39 KB 144ms
140ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/09/HispanicHeritageMonth.png?resize=269,151

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

12f7bdfcf1b22ff2011197856a490397f310fda5dac7edb4cbdee9a968f2101d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 39324
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 28 443
last-modified: Fri, 16 Sep 2022 19:45:15 GMT
x-timer: S1680786436.893165,VS0,VE66
etag: "c7fd277d4a24a829"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 19:45:15 GMT

GET
H2 200 mental-illness-tv-feature.png
www.ask.com/wp-content/uploads/sites/3/2022/05/ 30 KB
30 KB 136ms
133ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/05/mental-illness-tv-feature.png?resize=269,151

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

86ba470b1c795a6d14cf48a7768395bcaf8e3ab8a2bc9ab4c25492b92852f453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 30560
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 200 443
last-modified: Mon, 10 Oct 2022 07:41:59 GMT
x-timer: S1680786436.893064,VS0,VE62
etag: "5d773cd5baa8fb19"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 07:41:59 GMT

GET
H2 200 ed77cd6024e48bfab2b22cd10c715e8d.jpg
www.ask.com/wp-content/uploads/sites/3/2023/02/ 2 KB
2 KB 140ms
137ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2023/02/ed77cd6024e48bfab2b22cd10c715e8d.jpg?resize=221,124

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

55f9ec1cd4ded7b18259e25423314056adaeab81c78fa6e102d3cd2d62c6c220

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 1858
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 195 443
last-modified: Thu, 02 Feb 2023 20:22:51 GMT
x-timer: S1680786436.893012,VS0,VE65
etag: "518db704c2c5410d"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 20:22:51 GMT

GET
H2 200 1d40384ccf7a2b0199114f2666a214dc.jpg
www.ask.com/wp-content/uploads/sites/3/2023/02/ 4 KB
4 KB 68ms
65ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2023/02/1d40384ccf7a2b0199114f2666a214dc.jpg?resize=221,124

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

78ab5380bd7554e999492526feb98a3928f42de9b85e4c2f559ae8b3168a5f20

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-18
content-length: 3896
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 32 443
last-modified: Wed, 01 Feb 2023 19:01:02 GMT
x-timer: S1680786436.891459,VS0,VE28
etag: "0f16c0fa86679d0a"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 19:01:02 GMT

GET
H2 200 MCDJOCA_EC086.jpg
www.ask.com/wp-content/uploads/sites/3/2023/01/ 3 KB
4 KB 133ms
130ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2023/01/MCDJOCA_EC086.jpg?resize=221,92

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c73517454446a5358ddf041e3a1d40338e416d1c121f895751019d9f1873fc38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 3574
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 83 443
last-modified: Tue, 31 Jan 2023 22:58:42 GMT
x-timer: S1680786436.891435,VS0,VE61
etag: "624a952cbbc23224"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 22:58:42 GMT

GET
H2 200 iStock-506161846.jpg
www.ask.com/wp-content/uploads/sites/3/2023/01/ 15 KB
15 KB 131ms
128ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2023/01/iStock-506161846.jpg?resize=215,143

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

90f1daad53641ad4ea822b6bdebd1e7d21f9c29d1a4f1d76ad2f269554188b66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 15146
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 196 443
last-modified: Tue, 31 Jan 2023 21:58:07 GMT
x-timer: S1680786436.891427,VS0,VE61
etag: "057ba55d112e4644"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Wed, 31 Jan 2024 21:58:07 GMT

GET
H2 200 GORILLAZ.New-Gold.landscape.jpg
www.ask.com/wp-content/uploads/sites/3/2023/01/ 8 KB
8 KB 162ms
160ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2023/01/GORILLAZ.New-Gold.landscape.jpg?resize=215,143

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7bfecb65b6afdd4ce98806c8d46caf08cc98a0151b85aa42981c85c7b6da4621

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 7858
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 140 443
last-modified: Mon, 30 Jan 2023 20:49:19 GMT
x-timer: S1680786436.891381,VS0,VE80
etag: "d9faf0d6af90fc6f"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 20:49:19 GMT

GET
H2 200 AdobeStock_388303214_Editorial_Use_Only.jpeg
www.ask.com/wp-content/uploads/sites/3/2023/01/ 15 KB
15 KB 163ms
161ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2023/01/AdobeStock_388303214_Editorial_Use_Only.jpeg?resize=215,143

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

748f5b480a2fb290f40033d36e98e336ffff8228968db609011eaec1f0dfe295

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 15104
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 30 443
last-modified: Mon, 30 Jan 2023 20:08:12 GMT
x-timer: S1680786436.891439,VS0,VE87
etag: "6f2380e63e433f8c"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 20:08:12 GMT

GET
H2 200 c2b77d7e93a31a1434606975ea5dd45c.jpg
www.ask.com/wp-content/uploads/sites/3/2023/01/ 13 KB
13 KB 124ms
122ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2023/01/c2b77d7e93a31a1434606975ea5dd45c.jpg?resize=221,124

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bccab5ec95e922c4d7d877ff9547d42f8f36858c501608204ebdddaecab01a30

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 13220
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 200 443
last-modified: Mon, 30 Jan 2023 16:09:34 GMT
x-timer: S1680786436.891348,VS0,VE60
etag: "47a74685042009d9"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 16:09:34 GMT

GET
H2 200 iStock-1167636633.jpg
www.ask.com/wp-content/uploads/sites/3/2022/08/ 19 KB
19 KB 140ms
138ms Image
image/webp 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ask.com/wp-content/uploads/sites/3/2022/08/iStock-1167636633.jpg?resize=221,138

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

108834498b7737aadfc5c1ef8cd6fc2201ec5b4796ba6927542c2fb13db67bd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:15 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_sitespect_wp_production
x-cache: HIT, MISS
rtss: 2-13-33
content-length: 18966
x-served-by: cache-cdg20788-CDG
x-rq: lhr4 109 84 443
last-modified: Mon, 30 Jan 2023 06:46:40 GMT
x-timer: S1680786436.893449,VS0,VE65
etag: "1bccac29496f15f3"
vary: Accept
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 06:46:40 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 129ms
129ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3594&u=https%3A%2F%2Fusers.wefindfreedom.shop
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:15 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://users.wefindfreedom.shop
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: qAF2lwc9Zjgm5RzejHgNl1YaFonXkdWe83q_Hrr5kv5fnQ-UdajMTw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
469 B 390ms
139ms XHR
text/javascript 52.222.247.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3594&u=https%3A%2F%2Fusers.wefindfreedom.shop%2F&pid=eq1R2Jojpvz5e&cb=0&ws=1600x1200&v=23.331.1910&t=1600&slots=%5B%7B%22sd%22%3A%22ad_block_4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22322166814%2Fiacpl-test.www.ask.com%2FAsk_Desktop_Feed_Center2_728x90%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A50%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.247.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-247-205.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:16 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: GBVA58E27DH1ZWT7FMXG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://users.wefindfreedom.shop
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: L504VVDeNk7v5aUt0L4jz5VHv8RdC-BBswXmyQQAlYux3Ir2fVoz_g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 469ms
418ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:17 GMT
x-amz-version-id: F_FDbbUyUmFtmAPMghF.UJjGVPnjBMtx
content-encoding: gzip
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Mon, 03 Apr 2023 21:14:40 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: uuLeMOVAPwp01pW41muHKaH3zs9sl5rQ_dAd1K0Yke7WV-m0HB_Epw==

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 244ms
28ms Preflight
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://users.wefindfreedom.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://users.wefindfreedom.shop
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 06 Apr 2023 13:07:16 GMT

OPTIONS
H2 204 askmedia
askmedia.technoratimedia.com/openrtb/bids/ Frame 0
0 312ms
99ms Preflight 2603:c020:400d:3000:f50:982a:7877:65bd
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://askmedia.technoratimedia.com/openrtb/bids/askmedia?src=prebid_prebid_7.31.0-PPI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://users.wefindfreedom.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET, HEAD, OPTIONS
access-control-allow-origin: https://users.wefindfreedom.shop
access-control-max-age: 86400
date: Thu, 06 Apr 2023 13:07:16 GMT
server: nginx

POST
H2 400 cookie_sync Show response
prebid-server.rubiconproject.com/ 49 B
278 B 489ms
31ms XHR
text/plain 3.121.0.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/cookie_sync
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.0.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-0-176.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: gzip
access-control-allow-origin: https://users.wefindfreedom.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 71
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 172 B
409 B 488ms
32ms XHR
application/json 3.121.0.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.0.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-0-176.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: abe02e6ee7bd919db1e0a04a2433cb377386d6b17454f63b2bcc4925456afd44

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: gzip
x-prebid: pbs-java/1.115.0
content-type: application/json
access-control-allow-origin: https://users.wefindfreedom.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
867 B 113ms
48ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 13:07:15 GMT
AN-X-Request-Uuid: 93763c53-d0c9-4ffa-8fa4-c94ae95b8633
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://users.wefindfreedom.shop
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.98; 37.59.164.98; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
155 B 268ms
26ms XHR
text/plain 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://users.wefindfreedom.shop
pragma: no-cache
date: Thu, 06 Apr 2023 13:07:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
322 B 338ms
102ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.31.0-PPI&cb=52789523041&lsavail=1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://users.wefindfreedom.shop
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
566 B 400ms
166ms XHR
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://users.wefindfreedom.shop
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 ortb Show response
bid.contextweb.com/header/ 0
626 B 332ms
99ms XHR
text/plain 198.148.27.134
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb?src=prebid
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Apr 2023 13:07:16 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: envoy
cwdl: 22/139
access-control-allow-origin: https://users.wefindfreedom.shop
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
cw-server: bid-deployment-5568f6bf6d-w76qr

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 95 B
902 B 331ms
101ms XHR
application/json 69.166.1.9
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2214aa148bc9701b8%22%3A%2268f20f70d9318c30c730%7C728x90%7Cgpid%3D322166814%2Fiacpl-test.www.ask.com%2FAsk_Desktop_Feed_Center2_728x90%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fusers.wefindfreedom.shop%2F&s=c5725d30-909c-468e-b151-6fc4fcbaef20&pv=4d267b05-dd29-45f5-ab94-5ce6d775bcb4&vp=desktop&lib_name=prebid&lib_v=7.31.0-PPI&us=3&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fusers.wefindfreedom.shop%2F%22%2C%22domain%22%3A%22users.wefindfreedom.shop%22%2C%22publisher%22%3A%7B%22domain%22%3A%22wefindfreedom.shop%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22coppa%22%3A0%7D%7D&ius=1&coppa=0

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

c0903487babee17c7bb06f6bc0911852dec1b0d2a1e22440d62ea0af976d310e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-142
content-type: application/json
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://users.wefindfreedom.shop
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 120
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
333 B 263ms
34ms XHR
text/plain 52.51.163.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.51.163.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-163-12.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Apr 2023 13:07:16 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://users.wefindfreedom.shop
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 0a3cbb94-4f20-712f-d727-9252447a6734

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
570 B 254ms
41ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=559697
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50f8d2e207b2e0ab4f7b14e230601cb54e0695887cd79a5c299528f55df45b6f

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2Fa9SlfA4nfCeLA37Li9hTHpfGWwmmtQJgKRL%2BjVIAWMeym8ok6r7XtfWwsjrAjeyDK0u6g6OAloeaNUgM5chlGlga4FwjXbD1pGOL0m%2BfDKs9khAXhELtUlDqtuGBR0tQjss6%2Br"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://users.wefindfreedom.shop
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7b3a40b9ebe93d17-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
172 B 86ms
31ms XHR
text/plain 213.19.147.43
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 Castricum, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://users.wefindfreedom.shop
pragma: no-cache
date: Thu, 06 Apr 2023 13:07:16 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
528 B 252ms
31ms XHR
application/json 3.66.151.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.31.0-PPI&referrer=https%3A%2F%2Fusers.wefindfreedom.shop%2F&tmax=3500

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.151.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-151-117.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:16 GMT
accept-ch: sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory
x-auction-status: 3
content-type: application/json; charset=utf-8
access-control-allow-origin: https://users.wefindfreedom.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
246 B 251ms
32ms XHR
application/json 3.64.122.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.122.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-122-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f1a5e0d1575ac8268ebf75be867fde063948652a8c8bc6bbf4b3c49fdff25150

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://users.wefindfreedom.shop
date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: gzip
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
content-length: 49
content-type: application/json

GET
H2 200 arj Show response
ask-media-group-d.openx.net/w/1.0/ 73 B
384 B 255ms
38ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ask-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fusers.wefindfreedom.shop%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0fe63e21-e732-44ef-96a6-b9ca797aec74&nocache=1680786435930&aus=728x90&divids=d630d900&aucs=322166814%252Fiacpl-test.www.ask.com%252FAsk_Desktop_Feed_Center2_728x90&auid=556401532
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d40e1a7003036adfb1fbe67a86c3cbcbcae217c5f8ba5bb5e64e50331c880bcd

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://users.wefindfreedom.shop
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
122 B 259ms
53ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://users.wefindfreedom.shop
date: Thu, 06 Apr 2023 13:07:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 458 askmedia Show response
askmedia.technoratimedia.com/openrtb/bids/ 22 B
408 B 297ms
101ms XHR
text/plain 2603:c020:400d:3000:f50:982a:7877:65bd
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://askmedia.technoratimedia.com/openrtb/bids/askmedia?src=prebid_prebid_7.31.0-PPI
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: 01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: gzip
via: 1.1 varnish
server: nginx
age: 0
vary: Accept-Encoding
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: text/plain
access-control-allow-origin: https://users.wefindfreedom.shop
x-varnish: 284433128
access-control-allow-credentials: true
content-length: 48

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
164 B 274ms
65ms XHR
text/plain 18.185.81.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.81.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-81-93.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://users.wefindfreedom.shop
date: Thu, 06 Apr 2023 13:07:16 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
396 B 331ms
123ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://users.wefindfreedom.shop
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 06 Apr 2023 13:07:16 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 549 B
1 KB 529ms
120ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8941&site_id=393452&zone_id=2194292&size_id=2&rf=https%3A%2F%2Fusers.wefindfreedom.shop%2F&tg_i.page=https%3A%2F%2Fusers.wefindfreedom.shop%2F&tg_i.domain=users.wefindfreedom.shop&tg_i.elementid=ad_block_4&tg_i.pbadslot=322166814%2Fiacpl-test.www.ask.com%2FAsk_Desktop_Feed_Center2_728x90&tg_i.aupName=322166814%2Fiacpl-test.www.ask.com%2FAsk_Desktop_Feed_Center2_728x90&tk_flint=dmpbjs_v7.31.0-PPI&x_source.tid=0fe63e21-e732-44ef-96a6-b9ca797aec74&l_pb_bid_id=3606ee393bb5f97&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=322166814%2Fiacpl-test.www.ask.com%2FAsk_Desktop_Feed_Center2_728x90&slots=1&rand=0.5070816278935673
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bbee96a59467983ed98adc79fbfbc72446a8debb315396444fe11f256c0b2144

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:16 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://users.wefindfreedom.shop
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 38ms
29ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=197401897&post=150197&tz=-7&srv=www.ask.com&hp=vip&j=1%3A11.9.1&host=users.wefindfreedom.shop&ref=&fcp=1438&rand=0.5791234461163568
Requested by: Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 06 Apr 2023 13:07:15 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST admin-ajax.php
www.ask.com/wp-admin/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 99ms
28ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Apr 2023 12:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3724
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 06 Apr 2023 14:05:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
57 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3KVMC&l=dataLayer

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4a2dfbe99a1577d48502b54a992d7d510029544d78fc37ad3ceb48c77f6506b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58726
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Apr 2023 13:07:16 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 12:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Apr 2023 13:45:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
352 B 85ms
25ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-190343097-163&cid=1598447398.1680786436&jid=596044553&gjid=2097773177&_gid=2086104710.1680786436&_u=aHBAgUAjAAAAAEAFK~&z=1343656733

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Apr 2023 13:07:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://users.wefindfreedom.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=738033938&t=pageview&_s=1&dl=https%3A%2F%2Fusers.wefindfreedom.shop%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Ask.com%20-%20What%27s%20Your%20Question%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAgUAjAAAAAAAFK~&jid=596044553&gjid=2097773177&cid=1598447398.1680786436&tid=UA-190343097-163&_gid=2086104710.1680786436&gtm=45He3430n81KMFC6W2&cd1=dirN&cd7=home&cd9=https%3A%2F%2Fusers.wefindfreedom.shop%2F&cd12=2023-04-06%2013%3A07%3A16.78%20GMT%2B0000(GMT)&cd13=&cd14=IACOrganic&cd16=en-US&cd17=13&cd18=0&cd19=054c0769-fa4a-4ebc-8849-01ad76c30cb1&cd21=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&cd27=6970689106&cd29=1&cd30=Ask.com%20-%20What%27s%20Your%20Question%3F&cd31=home&cd32=ask.com&cd39=GA%20Page%20View%20-%20Core%20Page%20View&cd57=wpvip_ask&cd66=b9d5551c-0a75-4642-bf04-065829b665f8&cd10=1598447398.1680786436&z=1230225428

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68524
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=738033938&t=event&ni=1&_s=1&dl=https%3A%2F%2Fusers.wefindfreedom.shop%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Ask.com%20-%20What%27s%20Your%20Question%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=content&ea=trending%20article%20impressions&el=home&_u=aHDAgUAjAAAAAEAFK~&jid=&gjid=&cid=1598447398.1680786436&tid=UA-190343097-163&_gid=2086104710.1680786436&gtm=45He3430n81KMFC6W2&cd1=dirN&cd7=home&cd9=https%3A%2F%2Fusers.wefindfreedom.shop%2F&cd12=2023-04-06%2013%3A07%3A16.106%20GMT%2B0000(GMT)&cd13=&cd14=IACOrganic&cd16=en-US&cd17=13&cd18=0&cd19=054c0769-fa4a-4ebc-8849-01ad76c30cb1&cd21=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&cd27=6970689106&cd29=1&cd30=Ask.com%20-%20What%27s%20Your%20Question%3F&cd31=home&cd32=ask.com&cd39=GA%20Event%20-%20Content%20-%20Trending%20Article%20Impressions&cd57=wpvip_ask&cd66=b9d5551c-0a75-4642-bf04-065829b665f8&cd10=1598447398.1680786436&z=776528481

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68524
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=738033938&t=event&ni=1&_s=1&dl=https%3A%2F%2Fusers.wefindfreedom.shop%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Ask.com%20-%20What%27s%20Your%20Question%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=content&ea=article%20tile%20impressions&el=home&_u=aHDAgUAjAAAAAEAFK~&jid=&gjid=&cid=1598447398.1680786436&tid=UA-190343097-163&_gid=2086104710.1680786436&gtm=45He3430n81KMFC6W2&cd1=dirN&cd7=home&cd9=https%3A%2F%2Fusers.wefindfreedom.shop%2F&cd12=2023-04-06%2013%3A07%3A16.112%20GMT%2B0000(GMT)&cd13=&cd14=IACOrganic&cd16=en-US&cd17=13&cd18=0&cd19=054c0769-fa4a-4ebc-8849-01ad76c30cb1&cd21=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&cd27=6970689106&cd29=1&cd30=Ask.com%20-%20What%27s%20Your%20Question%3F&cd31=home&cd32=ask.com&cd39=GA%20Event%20-%20Content%20-%20Article%20Tile%20Impressions&cd57=wpvip_ask&cd66=b9d5551c-0a75-4642-bf04-065829b665f8&cd10=1598447398.1680786436&cm82=27&cm58=19&z=994048367

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68524
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=738033938&t=event&ni=1&_s=1&dl=https%3A%2F%2Fusers.wefindfreedom.shop%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Ask.com%20-%20What%27s%20Your%20Question%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=content&ea=general%20impressions&el=https%3A%2F%2Fusers.wefindfreedom.shop%2F&_u=aHDAgUAjAAAAAEAFK~&jid=&gjid=&cid=1598447398.1680786436&tid=UA-190343097-163&_gid=2086104710.1680786436&gtm=45He3430n81KMFC6W2&cd1=dirN&cd7=home&cd9=https%3A%2F%2Fusers.wefindfreedom.shop%2F&cd12=2023-04-06%2013%3A07%3A16.119%20GMT%2B0000(GMT)&cd13=&cd14=IACOrganic&cd16=en-US&cd17=13&cd18=0&cd19=054c0769-fa4a-4ebc-8849-01ad76c30cb1&cd21=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&cd27=6970689106&cd29=1&cd30=Ask.com%20-%20What%27s%20Your%20Question%3F&cd31=home&cd32=ask.com&cd39=GA%20Event%20-%20Content%20-%20General%20Impressions&cd57=wpvip_ask&cd66=b9d5551c-0a75-4642-bf04-065829b665f8&cd10=1598447398.1680786436&cm82=27&cd70=Which%20of%20these%20is%20a%20top%20home%20security%20company%3F&cd72=top-reasons-amazon-prime-video&cm1=1&cm2=1&cm3=1&cm55=1&cm57=1&cm63=4&cm64=0&cm66=4&cm114=8&cm118=1&z=471767172

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68524
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ard.png Show response
users.wefindfreedom.shop/__ssobj/ 0
443 B 64ms
64ms XHR
text/javascript 178.32.225.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://users.wefindfreedom.shop/__ssobj/ard.png?7218922766265782007_1-801-1680786434&n=1

Requested by

Host: users.wefindfreedom.shop
URL: https://users.wefindfreedom.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.32.225.161 , France, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-178-32-225.eu

Software

nginx/1.22.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:16 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
x-origin: 1JFPtFGLOS9tiOpaD8EN4o--F_site_spect_origin
x-cache: MISS
rtss: 2-13-165
content-length: 0
sbss: 1
x-served-by: cache-cdg20740-CDG
pragma: no-cache
last-modified: Sat, 14 Jan 2023 14:47:32 GMT
server: nginx/1.22.1
x-timer: S1680786436.478378,VS0,VE17
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
accept-ranges: bytes
expires: -1

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
531 B 105ms
44ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=users.wefindfreedom.shop

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 108ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=users.wefindfreedom.shop

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 735 B
763 B 276ms
275ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3296478904490357&correlator=1316222693503756&eid=44785728&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fifs&iu_parts=322166814%2Ciacpl-test.www.ask.com%2CAsk_Desktop_Feed_Center2_728x90&enc_prev_ius=0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=774434193&sfv=1-0-40&prev_scp=ad%3DdirN%26origin%3D0%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1680786436571&lmt=1680786436&dlt=1680786434704&idt=1060&adxs=247&adys=1091&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fusers.wefindfreedom.shop%2F&frm=20&vis=1&psz=1136x0&msz=728x0&fws=132&ohw=1600&ga_vid=1598447398.1680786436&ga_sid=1680786437&ga_hid=738033938&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f721af828ff1c2c8fda9cd2e8b1897fdd70775e023d1f06c6ed23e41639108d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 385
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://users.wefindfreedom.shop
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 148ms
76ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94cc1168087b7f6f44237ac46f936701ce89bcbf16ebfc02899ee4aeb6dc9e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11324
x-xss-protection: 0

GET
H2 200 container.html Show response
f57eb95add9c67446aeb61da9559c3da.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9E34 6 KB
3 KB 148ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f57eb95add9c67446aeb61da9559c3da.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 13:07:16 GMT
expires: Fri, 05 Apr 2024 13:07:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 117ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 13:07:16 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B73 13 KB
5 KB 34ms
33ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 7063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 11:09:33 GMT
expires: Fri, 05 Apr 2024 11:09:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5DFD 783 B
1 KB 106ms
35ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0f4e4770d641985de524f7fa7889e2f84268d3d1407fe199d113668e76b53f53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lyOgC957ynMKBI0bGj6NUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-lyOgC957ynMKBI0bGj6NUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 13:07:16 GMT
expires: Thu, 06 Apr 2023 13:07:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B73 36 KB
14 KB 89ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 10:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 10:02:49 GMT

GET
H2 204 _page_view Show response
users.wefindfreedom.shop/ 0
208 B 45ms
44ms XHR
text/plain 178.32.225.161
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://users.wefindfreedom.shop/_page_view?pt=home&pageViewId=054c0769-fa4a-4ebc-8849-01ad76c30cb1&pd=ask.com&fullUrl=https%3A%2F%2Fusers.wefindfreedom.shop%2F&ad=dirN&lc=en-US&gsid=6970689106&ueid=b9d5551c-0a75-4642-bf04-065829b665f8&eid=1680786436925&url=https%253A%252F%252Fusers.wefindfreedom.shop%252F&tmtry=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.32.225.161 , France, ASN16276 (OVH, FR),

Reverse DNS

ip161.ip-178-32-225.eu

Software

nginx/1.22.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://users.wefindfreedom.shop/
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 06 Apr 2023 13:07:16 GMT
content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=31536000
server: nginx/1.22.1
x-frame-options: DENY
x-cache: HIT
accept-ranges: bytes
retry-after: 0
x-served-by: cache-cdg20732-CDG

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5DFD 0
0 66ms
65ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303300101&jk=3296478904490357&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7B73 0
10 B 27ms
27ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ylIW6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 23ms
23ms XHR
text/plain 3.126.10.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/8941.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.10.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-10-14.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 06 Apr 2023 13:07:18 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 651ms
23ms Preflight 3.126.10.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.10.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-10-14.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://users.wefindfreedom.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 06 Apr 2023 13:07:17 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
62ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303300101&jk=3296478904490357&bg=!goGlgdXNAAYIJb0jKCU7ADkAdvg8WkOBAyLd6IcZ4aDvCcJrNKPSKJGl8sIANVq6E0t6DnO697OYtG_4iG0HO8vUCKT0JD4AdnUCAAAAVVIAAAAJaAEHCgAFb12Js1GZAp_N_F1I_vSCiVjLGW2c2Iw8WEeDA7rAIivLCmEsfvOVW7Ly0uTgYKyX8GZ5X-Gx1TYH3-MJXGsoDunOJrfcXqcYyKjUJ7gpwoFfedeRKgqKd8qERclFt9QSzCM23aHLrfiv0fh-1_3ZdRsNau-vRC1hmMF6Tr557XLiY3VZwgvbW3XKvZpwUyUHLQ8rplN9WOmCCH2UyxSCpCHXDock50iXuHJfwnwZ-ROGGUBXPYUxmGS2m-HeRo4MuIP6R12z4x_xxwldsZqTbJceDzkgWdt6i0BZqZqx8rop-Ih_A4Uj3enAMfeEMkK4cNOCqgZsRLem4SLWj6GdHc1aPCOlzYQ6v22WjqrXXEIQkPSVkU3bFWvb2e8K4Oc3Mm-0xaJP1F37VIbJguEOAp3ymKvDqfUNgvQ3LU7SWIn1pVPca2O5KBVlPtJ_polriZwD0GAok91ZkpsYk9rKZ6dBnb_MUTrFA7Y0VUxJ9U68ZX6oz8l3OmbBa8q_XH6F7k4ntbcPr5ms07xwiE2B_BNlqtVM-y8AwIJkvjozHjAczsSUVEVd6hwGhTWa-bjCtnCjLllIrz75Zc8GkGxt7FhUlirgTCnlIr_ymtM5_IZIoQokj7MRGp3u5KLLoBYK6psJ-VQQmo_Q7yO8vnD8CSfmXrn8xe_xt7DD-eUYKxbwkoISerbpKlWlltFubtS2gpzMFlGvRSKurJ37oanCLbyutNPu4gProugXZUmtwku1FpigsZO8TEVE0V2u19AaKEDGK_tlOzGpQDeZHFnJ46jJdJ9XxzEAyHtDF9APUHzdPwSMZDcQXSiCQd3N7__OL6q8gvwdGWq0S5X1CkWx2JQXTrj1mbCMydh0J79B1w5mnxkFSgeeNe4fZM--aRsgghSvE4NLLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

POST
H2 200 post Show response
parallax.askmediagroup.com/ 8 B
87 B 341ms
340ms XHR
text/plain 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://parallax.askmediagroup.com/post
Requested by: Host: www.ask.com
URL: https://www.ask.com/_static/??-eJx9jMEKwkAMRH/INC6C1YP4LaGGkKWJ62bX0r+3qAdPwsCD4c3gUkB9mvuNA/OWR+e6fjGY+pBjh/8kMJVKjX/l6e6NvWGZu6gHGkXjCmQCnwopgtv7rJAwPJUXENr2V7uk42k/HlI6j/kFvFY6GQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://users.wefindfreedom.shop/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-cdg20754-CDG
date: Thu, 06 Apr 2023 13:07:18 GMT
via: 1.1 varnish
x-timer: S1680786438.208223,VS0,VE322
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-cache: MISS
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8
x-cache-hits: 0

OPTIONS
H2 200 post
parallax.askmediagroup.com/ Frame 0
0 349ms
340ms Preflight 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://parallax.askmediagroup.com/post
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://users.wefindfreedom.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Thu, 06 Apr 2023 13:07:18 GMT
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cdg20754-CDG
x-timer: S1680786438.868793,VS0,VE316

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 434ms
204ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:31 GMT
server: nginx
etag: W/"642e8db3-16298"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Apr 2023 13:07:19 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E447 15 KB
6 KB 71ms
25ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=users.wefindfreedom.shop

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Apr 2023 13:07:19 GMT
server: Kestrel
server-processing-duration-in-ticks: 388292
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 398ms
196ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://users.wefindfreedom.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:31 GMT
server: nginx
etag: W/"642e8db3-16298"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Apr 2023 13:07:20 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame E447
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=wefindfreedom.shop&sn=ChromeSyncframe&so=0&topUrl=users.wefindfreedom.shop&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=aHryh3wyM3BBZnBvNzlnVnRYNVAwTEJKQnNXM05LdElyUXBoK25ZbTkyUDU4eU9zeS9QbnJ1NytBeWIwc1JmVHlWa3VaY0QwejVWWDRNMys0UHczZjU4bFVvdjRyMkRhbkg5NWRhNGZKTStUOUVidkxrZTVJd05HYi9PdX...

446 B
670 B

306ms
20ms

Fetch
application/json

178.250.7.13

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aHryh3wyM3BBZnBvNzlnVnRYNVAwTEJKQnNXM05LdElyUXBoK25ZbTkyUDU4eU9zeS9QbnJ1NytBeWIwc1JmVHlWa3VaY0QwejVWWDRNMys0UHczZjU4bFVvdjRyMkRhbkg5NWRhNGZKTStUOUVidkxrZTVJd05HYi9PdXNyVDZjL0VFZ3IrWlpya0R0eW1SekxrSlhwSlVaYWtJNDU0MlJNYjU5ZGVQTVA1UzkyVmp4M1REYXQ4SXVOV0grcU1oVlRIdzRLMWhJbzE0OUIyQjRDVDVVSW5Kbms2dnBJUmNxSHhFRUJPODBpbDFYaDN4aDhrWFJKbEhyUmlvTFhiS1g5UXNHWldUWi9CdWFyNWtzQzdUZFNlaU5MZFg4RitYcVNOclorRXpTMTNnTTJ6bz18&cppv=2

Protocol

Server

178.250.7.13 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

7047a3ef25f4d832a4c950890460ef664dc0c170db2f8f0c487190294e05649c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1702984
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=aHryh3wyM3BBZnBvNzlnVnRYNVAwTEJKQnNXM05LdElyUXBoK25ZbTkyUDU4eU9zeS9QbnJ1NytBeWIwc1JmVHlWa3VaY0QwejVWWDRNMys0UHczZjU4bFVvdjRyMkRhbkg5NWRhNGZKTStUOUVidkxrZTVJd05HYi9PdXNyVDZjL0VFZ3IrWlpya0R0eW1SekxrSlhwSlVaYWtJNDU0MlJNYjU5ZGVQTVA1UzkyVmp4M1REYXQ4SXVOV0grcU1oVlRIdzRLMWhJbzE0OUIyQjRDVDVVSW5Kbms2dnBJUmNxSHhFRUJPODBpbDFYaDN4aDhrWFJKbEhyUmlvTFhiS1g5UXNHWldUWi9CdWFyNWtzQzdUZFNlaU5MZFg4RitYcVNOclorRXpTMTNnTTJ6bz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 321409
content-length: 0
expires: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5027 16 KB
6 KB 110ms
28ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161291
Requested by: Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=46286
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 06 Apr 2023 13:07:21 GMT
expires: Fri, 07 Apr 2023 01:58:47 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 1FA4 21 KB
7 KB 110ms
20ms Document
text/html 2606:2800:233:f76:14f7:d635:25c4:c8d7

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_7.31.0-PPI
Requested by: Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:f76:14f7:d635:25c4:c8d7 -, , ASN (),
Reverse DNS
Software: ECAcc (paa/6F46) /
Resource Hash: 0f4328dd583577482da89d8af94cd1146cec997553dd53bc2f9ee3d406cfa9ce

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age: 312
cache-control: max-age=900
content-encoding: gzip
content-length: 6755
content-md5: HcWFhk+tXaF3NZt1fPMIOA==
content-type: text/html; charset=utf-8
date: Thu, 06 Apr 2023 13:07:21 GMT
etag: 9f484a91-0039-4789-8873-641b0861cba7
expires: Thu, 06 Apr 2023 13:22:21 GMT
last-modified: Thu, 02 Feb 2023 14:10:57 GMT
opc-request-id: iad-1:68qxJSFXvgE1ohbyZs49KflkVFzI97kc1sKWYLPbbLUXmWZaLjxRDP9Pzwcyujue
server: ECAcc (paa/6F46)
storage-tier: Standard
vary: Accept-Encoding
version-id: 68d8e56e-76a4-4241-8b88-07572b4580e7
x-api-id: native
x-cache: HIT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame CEDE 37 B
140 B 105ms
31ms Document
image/gif 13.248.245.213

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 06 Apr 2023 13:07:21 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 20BC 0
91 B 37ms
30ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 06 Apr 2023 13:07:21 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DC5A 281 B
554 B 102ms
31ms Document
text/html 104.126.125.209

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.125.209 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 06 Apr 2023 13:07:21 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0FAC 52 KB
17 KB 86ms
22ms Document
text/html 151.101.65.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 21201
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 06 Apr 2023 13:07:21 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 292, 105020
X-Served-By: cache-lga13626-LGA, cache-cdg20737-CDG
X-Timer: S1680786442.637546,VS0,VE0

GET
H2 200 visitormatch Show response
bh.contextweb.com/ Frame 16BD 27 B
650 B 338ms
89ms Document
text/html 198.148.27.139

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch

Requested by

Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 -, , ASN (),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: fr-FR
content-type: text/html;charset=iso-8859-1
cw-server: bh-deployment-6d845559f5-sbxck
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(10.0.14)
strict-transport-security: max-age=15768000

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 1576 3 KB
2 KB 93ms
31ms Document
text/html 104.18.10.47

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: ds8tuylnjknkd.cloudfront.net
URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://users.wefindfreedom.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 152
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7b3a40dc3fbc00a0-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 06 Apr 2023 13:07:21 GMT
expires: Thu, 06 Apr 2023 17:07:21 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dthemediagrid%26bsw_param%3D4242bcaa-d57b-4c04-9dd6-a217c5...
https://x.bidswitch.net/sync?dsp_id=80&user_id=7f8b642e-c40a-4f00-82ff-ba86bc1572c0&expires=30&ssp=themediagrid&bsw_param=4242bcaa-d57b-4c04-9dd6-a217c54dd656&gdpr=&gdpr_consent=

0
0

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 0FAC
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
930 B

25ms
24ms

Script
text/html

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 13:07:21 GMT
AN-X-Request-Uuid: ca5b5abb-7862-4cd9-8b6d-269c2b37316b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 37.59.164.98; 37.59.164.98; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Apr 2023 13:07:21 GMT
AN-X-Request-Uuid: 3a15f079-6cfb-4e6f-9a3c-2374538a6b7f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.59.164.98; 37.59.164.98; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DC5A 34 KB
10 KB 21ms
21ms Script
text/html 104.126.125.209

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.125.209 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 247198729eb208f121bb2afb84209287356fca8b7c0f31ccad61caf36936ae92

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 13:07:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Apr 2023 19:42:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23643
Connection: keep-alive
Content-Length: 10015
Expires: Thu, 06 Apr 2023 19:41:24 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 6F43
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fusers.wefindfreedom.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fusers.wefindfreedom.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
2 KB

38ms
37ms

Document
text/html

185.80.39.216

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fusers.wefindfreedom.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 69b8bde45d42a64e5e0c8d47895dcb09e1ec44fa5e104d885cfc757521a57053

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1766
Content-Type: text/html
Date: Thu, 06 Apr 2023 13:07:21 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 06 Apr 2023 13:07:21 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?d=https%3A%2F%2Fusers.wefindfreedom.shop%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5027 2 KB
3 KB 73ms
20ms Script
text/html 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32271868&p=161291&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161291
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 540e78b4b2df2393fd47e0963337c796a00dd742a05dd5052bec799fea679b7b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 06 Apr 2023 13:07:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET pubmatic
d5p.de17a.com/getuid/ Frame CCF4 0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 7BD1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:71d3642e-c40a-4100-9986-d7b713b1ca16&gdpr=0&gdpr_consent=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 86B0
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

0
0

GET p-5aWVS_roA1dVM.gif
cms.quantserve.com/pixel/ Frame 577E 0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame F09B
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7058026853928816852&gdpr=0&gdpr_consent=

0
0

GET pixel
cm.g.doubleclick.net/ Frame 5027 0
0

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 5027 0
0 115ms
33ms Image
image/gif 34.252.10.35

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0CB4DF77-0B83-41D0-9C20-DEF8DE035B47&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161291
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.10.35 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Apr 2023 13:07:21 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.82
content-length: 49
expires: 0

GET

cr
cr.frontend.weborama.fr/ Frame 5027
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3496521552

0
0

GET match
a.audrte.com/ Frame 5027 0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 5027
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MENCNERGNzctMEI4My00MUQwLTlDMjAtREVGOERFMDM1QjQ3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 5027
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENP8YY5uV18b4cHryMAyL5M&google_cver=1

0
0

GET
H2 200 pubmatic
um.simpli.fi/ Frame 5027 43 B
612 B 109ms
29ms Image
image/gif 35.204.74.118

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161291

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:07:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 05 Apr 2023 13:07:21 GMT

GET match
c1.adform.net/serving/cookie/ Frame 5027 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame 5027 0
0

GET token
token.rubiconproject.com/ Frame DC5A 0
0

GET dcm
s.amazon-adsystem.com/ Frame DC5A 0
0

GET token
token.rubiconproject.com/ Frame DC5A 0
0

GET rubicon
match.adsrvr.org/track/cmf/ Frame DC5A 0
0

GET token
token.rubiconproject.com/ Frame DC5A 0
0

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame DC5A 0
0

GET

tap.php
pixel.rubiconproject.com/ Frame DC5A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE9lZ7-bHZvsKBp7mEHOdbc&google_cver=1

0
0

GET rrum
dsum-sec.casalemedia.com/ Frame 6F43 0
0

GET casale
match.adsrvr.org/track/cmf/ Frame 6F43 0
0

GET dcm
s.amazon-adsystem.com/ Frame 6F43 0
0

GET pixel
cm.g.doubleclick.net/ Frame 6F43 0
0

GET sync
ups.analytics.yahoo.com/ups/55940/ Frame 6F43 0
0

GET current
casale-match.dotomi.com/match/bounce/ Frame 6F43 0
0

GET index
dmp.brand-display.com/cm/api/ Frame 6F43 0
0

GET cm
p.rfihub.com/ Frame 6F43 0
0

GET htw-pixel.gif
cdn.indexww.com/ht/ Frame 6F43 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ask.com
URL: https://www.ask.com/wp-admin/admin-ajax.php

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=80&user_id=7f8b642e-c40a-4f00-82ff-ba86bc1572c0&expires=30&ssp=themediagrid&bsw_param=4242bcaa-d57b-4c04-9dd6-a217c54dd656&gdpr=&gdpr_consent=

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:71d3642e-c40a-4100-9986-d7b713b1ca16&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7058026853928816852&gdpr=0&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DLTfdwuDQdCcIN743gNbRw%3D%3D&gdpr=0&gdpr_consent=

Domain: cr.frontend.weborama.fr
URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3496521552

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0CB4DF77-0B83-41D0-9C20-DEF8DE035B47

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENP8YY5uV18b4cHryMAyL5M&google_cver=1

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=36584

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=25470

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2249&pt=n

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/rubicon

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE9lZ7-bHZvsKBp7mEHOdbc&google_cver=1

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/casale

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZC7ECaJq8kAVY8qchid9pAAAFLQAAAIB&gpp=&gpp_sid=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZC7ECaJq8kAVY8qchid9pAAAFLQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZC7ECaJq8kAVY8qchid9pAAAFLQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Domain: casale-match.dotomi.com
URL: https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1

Domain: dmp.brand-display.com
URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?in=1&pub=2079

Domain: cdn.indexww.com
URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZC7ECaJq8kAVY8qchid9pAAA%265300

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
users.wefindfreedom.shop/	1970-01-20 19:38:42	Name: _pxhd Value: 1ee1b4d31dcaf119954372176d5af23467244293be6cd578eea3b933a70b7b5f:f34394a7-d47b-11ed-a22d-716566665550
users.wefindfreedom.shop/	1969-12-31 23:59:59	Name: iac_o Value: 0
users.wefindfreedom.shop/	1969-12-31 23:59:59	Name: rtb Value: 20000
.wefindfreedom.shop/	1970-01-20 20:29:06	Name: _ga Value: GA1.2.1598447398.1680786436
.wefindfreedom.shop/	1970-01-20 10:54:32	Name: _gid Value: GA1.2.2086104710.1680786436
.contextweb.com/	1970-01-20 19:31:30	Name: V Value: J8rzxisHObq0
.go.sonobi.com/	1970-01-20 11:36:18	Name: __uis Value: 59b97b59-2f79-4844-b333-67f171bb1061
.go.sonobi.com/	1970-01-20 10:54:32	Name: _usd_users.wefindfreedom.shop Value: 4d267b05-dd29-45f5-ab94-5ce6d775bcb4
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85142\|ZC7EB
.wefindfreedom.shop/	1970-01-20 10:53:06	Name: _dc_gtm_UA-190343097-163 Value: 1
.rubiconproject.com/	1970-01-20 19:38:42	Name: khaos Value: LG54UIHB-1-2WWH
.rubiconproject.com/	1970-01-20 19:38:42	Name: audit Value: 1\|hLZGFuTafB3ZEdt8BsVyWRB7cS23Qz/c+yqNcA0fc/aL8Ay8O3JU85gAzgBIwY4ljh0kg4pbnTPGF3CnBWQAX0t3kPIl9SgeJhsHlJbldDe5llOuKLVB7g==
.technoratimedia.com/	1970-01-20 20:29:06	Name: tads_uid Value: GDPR
.doubleclick.net/	1970-01-20 10:53:07	Name: test_cookie Value: CheckForPermission
.wefindfreedom.shop/	1970-01-20 20:14:42	Name: __gads Value: ID=66f55ccf5fa0b5d0:T=1680786436:S=ALNI_MZGV7AT8Zdnw_ErOdvhRL-afzPXLA
.wefindfreedom.shop/	1970-01-20 20:14:42	Name: __gpi Value: UID=00000bfc2907048d:T=1680786436:RT=1680786436:S=ALNI_MbjfdK5cz4QtXUPi5b1w1dVmAEvcQ
.criteo.com/	1970-01-20 20:14:42	Name: uid Value: 3a95d465-98fb-4d8b-909a-eaa42d36ac84
.wefindfreedom.shop/	1970-01-20 20:14:42	Name: cto_bundle Value: gnniu18ybzlxak81YWdSTWFKNmVpQkNwbGp3WTFiUWFKV3cwYkZLOEtmYVBsJTJCeExCRDhXbk1VaUJkUGNDN0ZzS0t5dGxuZWl2OVkyRzd4M2g0M2hvNENsWCUyRmN3MWNPWDFYMXdraUNLamp6Ukx1MUYySTgyQVBLNVNYUDR0bzI0Q29PSDh2NjNqYmQ5blJJRXVLJTJCSjZnUXRYVk5VVFdSR1dMS3JNS1dVNDZBR2wzVFklM0Q

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ds8tuylnjknkd.cloudfront.net/script.js?ver=6.1.1 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-server.rubiconproject.com/cookie_sync Message: Failed to load resource: the server responded with a status of 400 ()
javascript	error	URL: https://users.wefindfreedom.shop/ Message: Access to XMLHttpRequest at 'https://www.ask.com/wp-admin/admin-ajax.php' from origin 'https://users.wefindfreedom.shop' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.ask.com/wp-admin/admin-ajax.php Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://askmedia.technoratimedia.com/openrtb/bids/askmedia?src=prebid_prebid_7.31.0-PPI Message: Failed to load resource: the server responded with a status of 458 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0CB4DF77-0B83-41D0-9C20-DEF8DE035B47&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ads.pubmatic.com
adservice.google.com
adservice.google.fr
apex.go.sonobi.com
ask-media-group-d.openx.net
askmedia.technoratimedia.com
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.indexww.com
cm.g.doubleclick.net
cms.quantserve.com
cr.frontend.weborama.fr
d5p.de17a.com
dmp.brand-display.com
ds8tuylnjknkd.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
f57eb95add9c67446aeb61da9559c3da.safeframe.googlesyndication.com
fastlane.rubiconproject.com
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
micro.rubiconproject.com
mug.criteo.com
p.rfihub.com
pagead2.googlesyndication.com
parallax.askmediagroup.com
pixel.rubiconproject.com
pixel.wp.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.ad.smaato.net
prg.smartadserver.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
users.wefindfreedom.shop
web.hb.ad.cpe.dotomi.com
www.ask.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.audrte.com
aax-eu.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.indexww.com
cm.g.doubleclick.net
cms.quantserve.com
cr.frontend.weborama.fr
d5p.de17a.com
dmp.brand-display.com
dsum-sec.casalemedia.com
image2.pubmatic.com
match.adsrvr.org
p.rfihub.com
pixel.rubiconproject.com
s.amazon-adsystem.com
simage2.pubmatic.com
token.rubiconproject.com
ups.analytics.yahoo.com
www.ask.com
x.bidswitch.net
104.126.125.209
104.18.10.47
104.18.25.185
108.138.1.25
13.248.245.213
151.101.2.114
151.101.65.108
178.250.7.13
178.32.225.161
18.185.81.93
185.64.189.112
185.80.39.216
192.0.76.3
198.148.27.134
198.148.27.139
198.47.127.19
2.18.232.7
213.19.147.43
23.2.211.147
23.35.236.201
2600:9000:223d:9c00:16:4f4c:d340:21
2602:803:c004:200::140
2603:c020:400d:3000:f50:982a:7877:65bd
2606:2800:233:f76:14f7:d635:25c4:c8d7
2620:100:a001::18
2620:100:a001::4
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9b
2a02:2638:d::d
2a02:fa8:8806:20::2100
3.121.0.176
3.126.10.14
3.64.122.52
3.66.151.117
34.252.10.35
34.95.69.49
34.98.64.218
35.204.74.118
37.252.171.85
52.222.247.205
52.51.163.12
69.166.1.9
81.17.55.113
01073f53cf528369f725936b73afd8786d3e6f6a4b15001f6c1800e0a1c66de1
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b3ea9b150cca3644176f60aff78a6f54b41a63a92e05efab7edf99d120fc9a7
0d66c9c18626a264294a03e880ab22ed8b172a9c4dc0513271f3540662672b4d
0f4328dd583577482da89d8af94cd1146cec997553dd53bc2f9ee3d406cfa9ce
0f4e4770d641985de524f7fa7889e2f84268d3d1407fe199d113668e76b53f53
108834498b7737aadfc5c1ef8cd6fc2201ec5b4796ba6927542c2fb13db67bd8
12f7bdfcf1b22ff2011197856a490397f310fda5dac7edb4cbdee9a968f2101d
21cccc8fea94a86c191cd41060d5b6d9302821b7c3dcb5bc14792288bac2b258
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
23b645615a0ebe4470f6653f88ab141fe7dfc44f60647797da24673c529c92bd
247198729eb208f121bb2afb84209287356fca8b7c0f31ccad61caf36936ae92
26c0204bbecb256f71fa50a3f0facced7e6d4d76a8af54d2ea72c8617847c990
2f721af828ff1c2c8fda9cd2e8b1897fdd70775e023d1f06c6ed23e41639108d
345a17546f92b21289d0c70b850878314163e789e59a735ed878671eb6e4ee57
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f96d9b1f23b1550c3c38e9f8d6022718a25971e3957ac304ac6bde6374ff238
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c294eb370e855b72fc34c1c8a50001ffe93653542d4d87d47bd8328ceb00558
5056f93d2315caf4c9d3a9c6a47f7b7ecbb29d2544909b9b1f296f6ab17e6b29
50f8d2e207b2e0ab4f7b14e230601cb54e0695887cd79a5c299528f55df45b6f
521456997880d55855fed0fce6e1110f9b5f4c911bab32f33b559eb253cfb8ee
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
540e78b4b2df2393fd47e0963337c796a00dd742a05dd5052bec799fea679b7b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f9ec1cd4ded7b18259e25423314056adaeab81c78fa6e102d3cd2d62c6c220
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5dfeec9ed4b15a00f1c737dca0d2f0169a17d8d15609646e67fa4ac26cac967e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638ecb2ff7e389f441b39af208f02d3056b8ff03fd7d3c1de4636cd9d89c6ba6
63bc69ccb53e95975bbb50505e31f4fa460a8f9e4ca8457cefaf69293272beec
69b8bde45d42a64e5e0c8d47895dcb09e1ec44fa5e104d885cfc757521a57053
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7047a3ef25f4d832a4c950890460ef664dc0c170db2f8f0c487190294e05649c
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
748f5b480a2fb290f40033d36e98e336ffff8228968db609011eaec1f0dfe295
78ab5380bd7554e999492526feb98a3928f42de9b85e4c2f559ae8b3168a5f20
7b0b827e47592c243203328f1db86de6e25351f3c0bb2f2bfd2fe38d056aff52
7bfecb65b6afdd4ce98806c8d46caf08cc98a0151b85aa42981c85c7b6da4621
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86ba470b1c795a6d14cf48a7768395bcaf8e3ab8a2bc9ab4c25492b92852f453
873de681bf771d021402cd6b7d5aa616786b5c18ef53d0fd881d6999ff333884
89939cc6d812a358c0c8f29c0306e6ae0fb5567e4ccb61ca56e24a7065dd94ea
90f1daad53641ad4ea822b6bdebd1e7d21f9c29d1a4f1d76ad2f269554188b66
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94cc1168087b7f6f44237ac46f936701ce89bcbf16ebfc02899ee4aeb6dc9e2b
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d
9ef218450b346e2c5057382d12df51bb23d9501d28a59cc53b7228c419e01d71
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
ab380aa38b1c733a369cc7d12f8443ad80831cb683cc362a8dbc340700fd6f87
abe02e6ee7bd919db1e0a04a2433cb377386d6b17454f63b2bcc4925456afd44
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b15ffa36bf69c1686dc556549e885542f1e6057537380cbc43ad51767c5cf3b6
b249948785a88546dfcec58f815c274126c8b2522b705f5aaf0b066c7ce681bd
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbee96a59467983ed98adc79fbfbc72446a8debb315396444fe11f256c0b2144
bccab5ec95e922c4d7d877ff9547d42f8f36858c501608204ebdddaecab01a30
c0903487babee17c7bb06f6bc0911852dec1b0d2a1e22440d62ea0af976d310e
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e
c1f676248bf63bd46503108e517f1151c7aa0653dafe65efd68d351b3c4d4750
c73517454446a5358ddf041e3a1d40338e416d1c121f895751019d9f1873fc38
cbfb8aee274b4fd8bf965693eb6a94de09b9b7af97aaffa18306535b4d5b8002
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d15eecb627e39f1e52a9a84582119234114fb09e3c7ae973567bd2df44aa17db
d40e1a7003036adfb1fbe67a86c3cbcbcae217c5f8ba5bb5e64e50331c880bcd
d428ed4d0176fd522f7e70ce795fb03b5e277e027e730dcba39f37be33c2b01e
d567651ab435a32cd8a15341024837915c6b6c6f9939a1a1945e0fc4efea0f61
d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72
d92391651c0491a811ca6e8ce8d073ca50a58c2fbdeff42cac9375cc2d95f140
d95e5dda15f3aa037c751de4327ec7a0cd7c1b47e20f4cd8c4f72bb606d7d10a
def3ef41357c0137f5d9232f002b37d9e13f50c75fcd3ad10f9163ccc975fb89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8eaae534598d47473449cbb5fd8d4a91f4c625081e5202da0e15db59b1cac7c
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
ecbff4ec6aff5ba6fce2f40b39d8805d7d9acff780f31614adcb29706d936f5d
f098489519769f020fe8faeb92a626ac3b18d99168bc7862fc4093983d0c32c5
f1a5e0d1575ac8268ebf75be867fde063948652a8c8bc6bbf4b3c49fdff25150
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4a2dfbe99a1577d48502b54a992d7d510029544d78fc37ad3ceb48c77f6506b
f6a414a28c79444c3503197f92a8bf24b9dcd73701d4da8b020b6dba2ca9c728
fdf3d3a1e1f97ab95fc14893922fe4f1b792501744f37d6dd6c14e40ebe3b99e

users.wefindfreedom.shop Open in urlscan Pro 178.32.225.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

150 Requests

78 %HTTPS

37 %IPv6

44 Domains

75 Subdomains

53 IPs

9 Countries

1595 kBTransfer

3651 kBSize

18 Cookies

53 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

users.wefindfreedom.shop Open in urlscan Pro
178.32.225.161 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

78 %
HTTPS

37 %
IPv6

44
Domains

75
Subdomains

53
IPs

9
Countries

1595 kB
Transfer

3651 kB
Size

18
Cookies

150 HTTP transactions
0 data transactions