ask.fm Open in urlscan Pro
193.138.77.145 Public Scan

URL:
https://ask.fm/budgetpaint63531
Submission: On July 08 via manual (July 8th 2021, 3:21:11 pm UTC) from US

Summary HTTP 94 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 30 IPs in 9 countries across 35 domains to perform 94 HTTP transactions. The main IP is 193.138.77.145, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 30th 2020. Valid for: a year.

This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	193.138.77.145 193.138.77.145	395754 (ASK-FM) (ASK-FM)
9	2600:9000:21f... 2600:9000:21f3:8c00:11:3771:2e40:21	16509 (AMAZON-02) (AMAZON-02)
3 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:4000:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:21f... 2600:9000:21f3:fc00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:1b:... 2a04:4e42:1b::485	54113 (FASTLY) (FASTLY)
6	78.140.185.32 78.140.185.32	35415 (WEBZILLA) (WEBZILLA)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1 12	2606:4700:20:... 2606:4700:20::681a:34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
4 8	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
6	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
6 19	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
6 6	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	35.170.124.134 35.170.124.134	14618 (AMAZON-AES) (AMAZON-AES)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	208.100.17.178 208.100.17.178	32748 (STEADFAST) (STEADFAST)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 4	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
2	35.241.40.233 35.241.40.233	15169 (GOOGLE) (GOOGLE)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	54.78.251.22 54.78.251.22	16509 (AMAZON-02) (AMAZON-02)
1	173.231.181.122 173.231.181.122	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
94	30

4 193.138.77.145 (Latvia)

ASN395754 (ASK-FM, US)

ask.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:21f3:8c00:11:3771:2e40:21 (United States)

ASN16509 (AMAZON-02, US)

d3r6ceqp4shltl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:4000:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:fc00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.140.185.32 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap8.adplayer.pro

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:34e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.172.45 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2.18.234.21 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.13 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.47.23 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.0.31 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.124.134 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.178 (United States)

ASN32748 (STEADFAST, US)
PTR: ip178.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.13 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.251.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	casalemedia.com 6 redirects htlb.casalemedia.com ssum.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	19 KB
12	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	5 KB
9	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com	24 KB
9	yandex.com 2 redirects mc.yandex.com	3 KB
9	cloudfront.net d3r6ceqp4shltl.cloudfront.net	233 KB
6	doubleclick.net 6 redirects cm.g.doubleclick.net	1 KB
6	yahoo.com 6 redirects ups.analytics.yahoo.com	5 KB
6	a-mo.net prebid.a-mo.net	1 KB
6	stat-rock.com serving.stat-rock.com	96 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	2 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
4	pubmatic.com 2 redirects image2.pubmatic.com ads.pubmatic.com image6.pubmatic.com	6 KB
4	onetag-sys.com onetag-sys.com	2 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	ask.fm ask.fm	22 KB
3	advertising.com 3 redirects pixel.advertising.com	1 KB
3	connectad.io i.connectad.io cdn.connectad.io sync-eu.connectad.io	1 KB
3	optad360.io cmp.optad360.io get.optad360.io	225 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	641 B
2	brand-display.com dmp.brand-display.com	404 B
2	adsrvr.org match.adsrvr.org	529 B
2	sonobi.com sync.go.sonobi.com	1 KB
2	advangelists.com 2 redirects nep.advangelists.com	457 B
2	indexww.com js-sec.indexww.com	2 KB
2	facebook.net connect.facebook.net	68 KB
2	yandex.ru 1 redirects mc.yandex.ru	71 KB
1	adgrx.com cm.adgrx.com	408 B
1	adroll.com 1 redirects d.adroll.com	112 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	299 B
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	33across.com ssc-cms.33across.com	3 KB
1	adform.net adx.adform.net	449 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	facebook.com www.facebook.com	147 B
1	googletagmanager.com www.googletagmanager.com	33 KB
94	35

	Domain	Requested by
10	dsum-sec.casalemedia.com	3 redirects ssum-sec.casalemedia.com
10	sync.quantumdex.io	get.optad360.io sync.quantumdex.io ssum-sec.casalemedia.com
9	mc.yandex.com	2 redirects ask.fm mc.yandex.ru
9	d3r6ceqp4shltl.cloudfront.net	ask.fm d3r6ceqp4shltl.cloudfront.net
8	ib.adnxs.com	4 redirects get.optad360.io acdn.adnxs.com
6	cm.g.doubleclick.net	6 redirects
6	ups.analytics.yahoo.com	6 redirects
6	prebid.a-mo.net	get.optad360.io
6	serving.stat-rock.com	get.optad360.io
5	ssum-sec.casalemedia.com	1 redirects sync.quantumdex.io js-sec.indexww.com ssum-sec.casalemedia.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	ap.lijit.com	4 redirects
4	onetag-sys.com	get.optad360.io sync.quantumdex.io
4	ask.fm	d3r6ceqp4shltl.cloudfront.net serving.stat-rock.com
3	pixel.advertising.com	3 redirects
2	sync-tm.everesttech.net	2 redirects
2	dmp.brand-display.com	ssum-sec.casalemedia.com
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	sync.go.sonobi.com	sync.quantumdex.io
2	nep.advangelists.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	js-sec.indexww.com	get.optad360.io ssum-sec.casalemedia.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	get.optad360.io	d3r6ceqp4shltl.cloudfront.net get.optad360.io
2	connect.facebook.net	d3r6ceqp4shltl.cloudfront.net connect.facebook.net
2	mc.yandex.ru	1 redirects d3r6ceqp4shltl.cloudfront.net
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	d.adroll.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	sync.adotmob.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	ssc-cms.33across.com	sync.quantumdex.io
1	ads.pubmatic.com	sync.quantumdex.io
1	ms.quantumdex.io	1 redirects
1	sync-eu.connectad.io	cdn.connectad.io
1	acdn.adnxs.com	get.optad360.io
1	cdn.connectad.io	get.optad360.io
1	adx.adform.net	get.optad360.io
1	useast.quantumdex.io	get.optad360.io
1	htlb.casalemedia.com	get.optad360.io
1	i.connectad.io	get.optad360.io
1	cdn.jsdelivr.net	get.optad360.io
1	www.facebook.com
1	cmp.optad360.io	d3r6ceqp4shltl.cloudfront.net
1	www.googletagmanager.com	d3r6ceqp4shltl.cloudfront.net
94	47

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
lap78.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com

Subject Issuer	Validity	Valid
*.ask.fm AlphaSSL CA - SHA256 - G2	`2020-07-30` - `2021-09-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
serving.stat-rock.com R3	`2021-06-20` - `2021-09-18`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://ask.fm/budgetpaint63531
Frame ID: 52DF9C1C42875DB96C206060CD9EE5BE
Requests: 51 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1625757647063
Frame ID: 0030FCCC90EA74B9F2DA45CAA7CA86A5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 3E34D4E6959AA030E15ADAA39FBDD6D7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 60CB3AAE7C66A7FB5AD748C39775D958
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6D55BA75EAABF92858B04715006964D5
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: ECBB4C20D5EC9DEBFA6FE0220A431328
Requests: 10 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 319BE65F27F57F88052BB30F8B013FDE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: FB71EC7F2D94065B72F8BCC5892A4DC8
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 6FF1EC1881852F046138C27D7216AEF1
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: D19FB6FC2D88ABC82E2D254ECAF97720
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: 36DC6C88ED195B903910876021E9944C
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 043D0BC87F20EA30B4007AA2D27BED3B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AED8D411283C305CC8E51466EBEEA6A4
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

94
Requests

100 %
HTTPS

28 %
IPv6

35
Domains

47
Subdomains

30
IPs

9
Countries

808 kB
Transfer

2268 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://about.ask.fm/cookie-policy/?lang=en
Title: Cookies

Search URL Search Domain Scan URL

URL: https://lap78.ask.fm/goto/50aiCfb4fe-IGjEoiG30_ps5vxWA9-udpFDpqv_01zDNMgp8D4tcM16y_FUcAClzDQWfMup2uWjgptwktBsWiFFPZiQj4xnQLST2mer_yX-WoJheENXWYJWJAIcZRW3kgGv4h8SVAtMp3J6Ga8wbaHjXxKkG
Title: https://wearmywardrobeout.com/products/1970s-style-vintage-pencil-dress-with-bright-floral-print-size-8

Search URL Search Domain Scan URL

URL: https://about.ask.fm/?lang=en
Title: About ASKfm

Search URL Search Domain Scan URL

URL: https://about.ask.fm/terms/?lang=en
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://safety.ask.fm/?lang=en
Title: Safety center

Search URL Search Domain Scan URL

URL: https://about.ask.fm/privacy-policy/?lang=en
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://about.ask.fm/transparency-report/?lang=en
Title: Transparency report

Search URL Search Domain Scan URL

URL: https://support.ask.fm/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.facebook.com/askfmpage

Search URL Search Domain Scan URL

URL: https://instagram.com/askfm

Search URL Search Domain Scan URL

URL: https://twitter.com/askfm

Search URL Search Domain Scan URL

URL: https://vk.com/askfm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9328.OuTOOK5KeLTmKVw9DhO8P5W0dpYul-FVYkQ0KEFcHl3S8HOjhDm6ullxwI2-Xrcx.cvCvPnz6eftXtwQ-jiov1nqHdYU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9328.TVlZRUKmHMwBAgRgLK_EaVvxri9NX-20QOemeOfYVkWF2oXsq16RppjPA37NCK3diUvMdyn4Nx3Qf87EG5KcZA%2C%2C.Tsm5Qd1yaA2CNvK0F24bTCwuUY0%2C

Request Chain 10

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A781%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A1324517641755%3Ahid%3A28277793%3Az%3A120%3Ai%3A20210708172043%3Aet%3A1625757643%3Ac%3A1%3Arn%3A848723086%3Au%3A1625757643160397814%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1625757642488%3Ads%3A1%2C389%2C212%2C0%2C0%2C0%2C%2C67%2C93%2C%2C%2C%2C675%3Adsn%3A1%2C389%2C211%2C1%2C%2C0%2C%2C70%2C93%2C%2C%2C%2C675%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1625757644%3At%3Aphillipszdxdillon%20(%40budgetpaint63531)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm HTTP 302
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A781%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A1324517641755%3Ahid%3A28277793%3Az%3A120%3Ai%3A20210708172043%3Aet%3A1625757643%3Ac%3A1%3Arn%3A848723086%3Au%3A1625757643160397814%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1625757642488%3Ads%3A1%2C389%2C212%2C0%2C0%2C0%2C%2C67%2C93%2C%2C%2C%2C675%3Adsn%3A1%2C389%2C211%2C1%2C%2C0%2C%2C70%2C93%2C%2C%2C%2C675%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1625757644%3At%3Aphillipszdxdillon%20%28%40budgetpaint63531%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Request Chain 25

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=KOFS1nx1U211QXdNQ2k1SW1GTWt4NEloaEM0aS80NjhpV00wYlp6SUw2bDJudDFrUnc2T3BnQ2hEMGw5WStLcHd1a0NIcVlBUy9JSjVVSVlKZlBrQ3BVRm5UdUpYOGV0VGlvMUZ5VWZOVFIwd00rK3NPcmloSWtOOWVOVXpITTV3bVMzZG9ubzM1U1VucGtyTXVVRXU0REN1VW1sSHVyZVBmWktEWXptZlpOSFBiM2xUQnZHUjJKeENEZ2JFVTU5bzVNeWNGTk1YMm12ZXF2ZjBCb1pwZVdHbzB3PT18&cppv=2

Request Chain 50

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=pubmatic&uid=B50F4BA9-7550-4018-8E4C-8105FB69A7C6

Request Chain 51

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=sovrn&uid=2936053175a429216f5371aa

Request Chain 53

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1 HTTP 302
https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=index_rtb&uid=YOcX0p2Jkqug8qtnBVc2DAAA%261112

Request Chain 54

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a4b03d93-b068-4eda-a99d-a057a78be3b8 HTTP 302
https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a4b03d93-b068-4eda-a99d-a057a78be3b8&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a4b03d93-b068-4eda-a99d-a057a78be3b8&apid=UP13e5c84a-e000-11eb-8221-06468847cda4 HTTP 302
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a4b03d93-b068-4eda-a99d-a057a78be3b8&apid=UP13e5c84a-e000-11eb-8221-06468847cda4&verify=true HTTP 302
https://prebid.a-mo.net/setuid/verizon_video?uid=UP13e5c84a-e000-11eb-8221-06468847cda4&gdpr=0&gdpr_consent=

Request Chain 55

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=appnexus&uid=5484831982970985659

Request Chain 57

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-be7076ae-37c2-4a49-82ce-4597a2f65a0e

Request Chain 58

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c87e298d93ff43cb47b09e9d

Request Chain 59

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5adec155-b864-47af-91ec-1f5308aecd45

Request Chain 61

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4oXFgf5E2uHoZcQA40pOqrdjZEFTkviLruMuQqY-~A

Request Chain 62

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5484831982970985659

Request Chain 63

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP13e5c84a-e000-11eb-8221-06468847cda4 HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP13e5c84a-e000-11eb-8221-06468847cda4&verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP13e5c84a-e000-11eb-8221-06468847cda4

Request Chain 64

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5484831982970985659

Request Chain 65

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5484831982970985659

Request Chain 69

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcX0p2Jkqug8qtnBVc2DAAABFgAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YOcX0p2Jkqug8qtnBVc2DAAABFgAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFA4ZYsJ9NKhe-ccLb1-XPU&google_cver=1

Request Chain 75

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcX0p2Jkqug8qtnBVc2DAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRfr-Jevfltj_00ljtU6NI&google_cver=1

Request Chain 76

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0p2Jkqug8qtnBVc2DAAABFgAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0p2Jkqug8qtnBVc2DAAABFgAAAIB&dcc=t

Request Chain 78

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06712204038176af753b94d1&expiration=[EXPIRATION]&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06712204038176af753b94d1&expiration=[EXPIRATION]&gdpr=1&C=1

Request Chain 80

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1628349650

Request Chain 81

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 83

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcX0tIDy6dIQBnsQLW4pgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRfr-Jevfltj_00ljtU6NI&google_cver=1

Request Chain 84

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB&dcc=t

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPIb8_9TdBS-7DuCoKQCRZs&google_cver=1

Request Chain 87

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5189e712-f76c-4d67-ad60-bf659a68044f

Request Chain 89

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YOcX0wACi2p5cgAC HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOcX0wACi2p5cgAC&gdpr=1&_test=YOcX0wACi2p5cgAC

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set budgetpaint63531 Show response
ask.fm/ 15 KB
6 KB 603ms
212ms Document
text/html 193.138.77.145
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/budgetpaint63531

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.145 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

74d3ce7c2a44131def32328cb5d46bded57b93ec0863b09d150a479b1670eab7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: ask.fm
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
ETag: W/"f1c1952fbe3e56124b02e64bd71a068e"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Thu, 08 Jul 2021 15:20:43 GMT
Set-Cookie: locale=en; path=/; expires=Fri, 08 Jul 2022 21:20:42 -0000 uuid=c6d9e1ac-7957-4ee2-84bb-5ffb8e7b6782; path=/; expires=Fri, 08 Jul 2022 21:20:42 -0000; secure; HttpOnly country=PL; path=/; expires=Fri, 08 Jul 2022 21:20:42 -0000 traffic_source=organic; path=/; expires=Sat, 10 Jul 2021 15:20:43 -0000 _m_ask_fm_session=T2hXWDdqVWRmcGYxdkkxWC9MTHBxU1RPUGIrWi9zblBBOFp6ZE9hSlVQSXhCa3V6eVNKUklJRXNqUnA1Z1JOK1Z6UUdxUnZkWk1Dc3VucWdpQkRiSWp6ZHBER1lCd0U0d1VpRHRTTDgxZWVHK0xMbzNlQlg3SmloTnlJcVB2RXVIMnNlOXUrUlc1S0R2b3RLTTdENUdGQ1VIZ0xjZDR2SUd2QnhxRnZKd0xkMFZsS0RmZ1FCeFFxMkkrbnFYbUptS0tHdEdVaytoZmNEV1JjUFRPUVZSR1F3alY2RHR2aDI5eExoU2lNN3FoNkdTblkvYlZUckRFSDBGaEFmNjZpcS0tc0tlN1JYbGtSbmxtczh5dWVOUUpNUT09--86e1831bc165e55200f78b0ea191784dbd651d7d; path=/; expires=Sun, 11 Jul 2021 15:20:43 -0000; secure; HttpOnly
Server: Ask.FM Web Service
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000

GET
H2 200 application_ltr-101b7771d35f5842c59d77a1be08c51527520841c0e9e5de508ef6c4ecd3900b.css
d3r6ceqp4shltl.cloudfront.net/assets/ 178 KB
38 KB 32ms
7ms Stylesheet
text/css 2600:9000:21f3:8c00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-101b7771d35f5842c59d77a1be08c51527520841c0e9e5de508ef6c4ecd3900b.css

Requested by

Host: ask.fm
URL: https://ask.fm/budgetpaint63531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

5898ef219589e811c6392866ec5b20a2184456f5ba0c2cfdbf9251f347efd879

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 12:12:37 GMT
content-encoding: gzip
age: 788886
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 38674
access-control-allow-origin: https://ask.fm
last-modified: Tue, 29 Jun 2021 11:44:55 GMT
server: Ask.FM Web Service
etag: "60db07b7-9712"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: text/css
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: mEsvkH5BCOkHGlL0KK9R4oduZiiQ9iAQjj4TCKaeh_AB14lGLUtaTA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Show response
d3r6ceqp4shltl.cloudfront.net/assets/ 215 KB
68 KB 32ms
8ms Script
application/javascript 2600:9000:21f3:8c00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Requested by

Host: ask.fm
URL: https://ask.fm/budgetpaint63531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:38:20 GMT
content-encoding: gzip
age: 3807743
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 68515
access-control-allow-origin: https://ask.fm
last-modified: Mon, 24 May 2021 13:24:40 GMT
server: Ask.FM Web Service
etag: "60aba918-10ba3"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Jt8OPxDmp1g1aP7l6cK16hpItTYyg40C-J4eZw7PB9jfQMtkLZucJw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png
d3r6ceqp4shltl.cloudfront.net/assets/ 24 KB
24 KB 17ms
17ms Image
image/png 2600:9000:21f3:8c00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png

Requested by

Host: ask.fm
URL: https://ask.fm/budgetpaint63531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:48 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
age: 11505955
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 24239
last-modified: Wed, 27 Sep 2017 12:11:28 GMT
server: Ask.FM Web Service
etag: "59cb9570-5eaf"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: DqpQ_kreQOCyClwdeBgRQoKQjj1Tg_qWSjyj5mX8s0ScvbVQ96YtrQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 221 KB
71 KB 134ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ac0ebb80cc23977a364955d1be04438b5ede083f1c0a02fc5832ee1d57bf637a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:43 GMT
content-encoding: br
last-modified: Wed, 07 Jul 2021 15:22:48 GMT
etag: "60dc796d-118bb"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71867
expires: Thu, 08 Jul 2021 16:20:43 GMT

GET
H2 200 noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png
d3r6ceqp4shltl.cloudfront.net/assets/ 956 B
1 KB 7ms
7ms Image
image/png 2600:9000:21f3:8c00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:15:13 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
age: 11505930
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 956
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-3bc"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: vsXm0m43eTx6yJDhuPJLQdmkAx8z4RpByUJcUefXuC7hhC7uZirRnQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 17 KB
18 KB 24ms
9ms Font
application/font-woff2 2600:9000:21f3:8c00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-101b7771d35f5842c59d77a1be08c51527520841c0e9e5de508ef6c4ecd3900b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-101b7771d35f5842c59d77a1be08c51527520841c0e9e5de508ef6c4ecd3900b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 07:03:25 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 6077838
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 17880
last-modified: Thu, 29 Apr 2021 05:41:49 GMT
server: Ask.FM Web Service
etag: "608a471d-45d8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 2jgPdBi-D7T_XpiAS9psQg6Ev2S_oQxXkjdK-CIlkswtLH054aHnyw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 25 KB
25 KB 24ms
9ms Font
application/font-woff2 2600:9000:21f3:8c00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-101b7771d35f5842c59d77a1be08c51527520841c0e9e5de508ef6c4ecd3900b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-101b7771d35f5842c59d77a1be08c51527520841c0e9e5de508ef6c4ecd3900b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:43 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 11505960
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 25400
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-6338"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: -rYN1MyyJ30vFyhCvDaKp6aVsvIYcHmcl0x2B2XRJXmKXRs-tZIYsw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 51 KB
52 KB 25ms
9ms Font
application/font-woff2 2600:9000:21f3:8c00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-101b7771d35f5842c59d77a1be08c51527520841c0e9e5de508ef6c4ecd3900b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-101b7771d35f5842c59d77a1be08c51527520841c0e9e5de508ef6c4ecd3900b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 07:55:47 GMT
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 7111496
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 52204
last-modified: Wed, 02 Aug 2017 08:00:22 GMT
server: Ask.FM Web Service
etag: "59818696-cbec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Cphwtfmfta7aWNrjFkmNq0uE2C9y5pQYD0BQH26mHGSvWA9f3xBt1g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9328.OuTOOK5KeLTmKVw9DhO8P5W0dpYul-FVYkQ0KEFcHl3S8HOjhDm6ullxwI2-Xrcx.cvCvPnz6eftXtwQ-jiov1nqHdYU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9328.TVlZRUKmHMwBAgRgLK_EaVvxri9NX-20QOemeOfYVkWF2oXsq16RppjPA37NCK3diUvMdyn4Nx3Qf87EG5KcZA%2C%2C.Tsm5Qd1yaA2CNvK0F24bTCwuUY0%2C

75 B
75 B

48ms
48ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9328.TVlZRUKmHMwBAgRgLK_EaVvxri9NX-20QOemeOfYVkWF2oXsq16RppjPA37NCK3diUvMdyn4Nx3Qf87EG5KcZA%2C%2C.Tsm5Qd1yaA2CNvK0F24bTCwuUY0%2C

Requested by

Host: ask.fm
URL: https://ask.fm/budgetpaint63531

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:43 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9328.TVlZRUKmHMwBAgRgLK_EaVvxri9NX-20QOemeOfYVkWF2oXsq16RppjPA37NCK3diUvMdyn4Nx3Qf87EG5KcZA%2C%2C.Tsm5Qd1yaA2CNvK0F24bTCwuUY0%2C
date: Thu, 08 Jul 2021 15:20:43 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ask.fm
URL: https://ask.fm/budgetpaint63531

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:43 GMT
last-modified: Wed, 07 Jul 2021 15:22:48 GMT
etag: "60dc796d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 08 Jul 2021 16:20:43 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/48953915/
Redirect Chain

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A781%3Afu%3A0%3Aen%3Autf-8...
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A781%3Afu%3A0%3Aen%3Autf...

368 B
450 B

45ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A781%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A1324517641755%3Ahid%3A28277793%3Az%3A120%3Ai%3A20210708172043%3Aet%3A1625757643%3Ac%3A1%3Arn%3A848723086%3Au%3A1625757643160397814%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1625757642488%3Ads%3A1%2C389%2C212%2C0%2C0%2C0%2C%2C67%2C93%2C%2C%2C%2C675%3Adsn%3A1%2C389%2C211%2C1%2C%2C0%2C%2C70%2C93%2C%2C%2C%2C675%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1625757644%3At%3Aphillipszdxdillon%20%28%40budgetpaint63531%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

edd77389762429404dc640cbcfae9f543004040489d920bfcf2903793d0eea59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 08-Jul-2021 15:20:43 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 368
x-xss-protection: 1; mode=block
expires: Thu, 08-Jul-2021 15:20:43 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:43 GMT
last-modified: Thu, 08-Jul-2021 15:20:43 GMT
location: /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71ko6ila0b%3Afp%3A781%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A1324517641755%3Ahid%3A28277793%3Az%3A120%3Ai%3A20210708172043%3Aet%3A1625757643%3Ac%3A1%3Arn%3A848723086%3Au%3A1625757643160397814%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1625757642488%3Ads%3A1%2C389%2C212%2C0%2C0%2C0%2C%2C67%2C93%2C%2C%2C%2C675%3Adsn%3A1%2C389%2C211%2C1%2C%2C0%2C%2C70%2C93%2C%2C%2C%2C675%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1625757644%3At%3Aphillipszdxdillon%20%28%40budgetpaint63531%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 08-Jul-2021 15:20:43 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a90519f2699ba6b3fcce154719527ef8da832763a3cfe8d66b8b78703c5b323e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 18kzFQL5H4X7hJReigElhg==
cross-origin-resource-policy: cross-origin
expires: Thu, 08 Jul 2021 15:31:07 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 4RB+feAyVuktcAtMxmU7VRMH2iEw3l399n0zt5/msF7YHcrm7l0Nx7IRT5VllWzieUfppRr1YCDB7O2nBDZ1rw==
x-fb-trip-id: 686109401
x-fb-content-md5: 7ad90dd73f94aca455e80a5b011f2e82
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 08 Jul 2021 15:20:43 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a2f01c2998c11e64d91dfb5a40981e27"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6314e77f4d013e42a2359e22b119139e345e8d081fa10f96544e6361501b01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33494
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Jul 2021 15:20:43 GMT

GET
H2 200 3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response
cmp.optad360.io/items/ 2 B
351 B 33ms
10ms Script
application/javascript 2600:9000:21f3:4000:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:4000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 14:36:37 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 09:49:58 GMT
server: AmazonS3
age: 2647
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 2
x-amz-cf-id: IDCtmgYYoRQJyrGNiuO6Mg6eOYdp-9yIdPczHv1_htPqc6P_c799Yg==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 274 KB
72 KB 32ms
8ms Script
application/javascript 2600:9000:21f3:fc00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f56ad273e0204eb8d21346d7116686e717353c0864546a4e66a72b581e594a75

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:09:42 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 07:03:23 GMT
server: AmazonS3
age: 662
etag: W/"5736885227fcd00664fbd8eea334a4cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: f_qtI_iwXwgxMi466yFiD380_3YPh9Qb7gN1mj-qr8ZagT89AlBRSw==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 228 KB
66 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8da1fdca881df11f0e66789bce40bb56

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f07ba8d9716a5b2bb065745a1236fb31e81778c3c2fbcdb00fed665a7e1ea22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Tu8i6Dr/43RhmECXLMIO+g==
cross-origin-resource-policy: cross-origin
expires: Fri, 08 Jul 2022 13:04:40 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67910
x-fb-rlafr: 0
x-fb-debug: 5rNo6HLcYTF2idmelNC/FWS0xpqItUWunBRFF9bPFGpklz0y41WwJnTHNz9gKqc2lLZTAmtOSLHfQWSpmU4+Og==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: fcf283dca69948c3ea18e02d3a162246
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Jul 2021 15:20:43 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "56bc88b8a8a674f9571f47b1bf2ab4e9"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&rl=&if=false&ts=1625757643619&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 08 Jul 2021 15:20:43 GMT

GET
H2 200 prebid4.39.0.js Show response
get.optad360.io/sf/ 492 KB
153 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:fc00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.39.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:fc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 13:58:24 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 10:44:35 GMT
server: AmazonS3
age: 955340
etag: W/"e020700f5effdce1f4be56434553da72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: sBNK0pGB6_pjVtS3ythea8AMCrQqQhpOpw-rUBzevvOKw1G5LyNpsw==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 6ms
5ms XHR
application/json 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210708

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

55c26a6237909d2b6ea9ce62f59a02af51bd25af788fa940371341e6d9b9a92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 937
x-jsd-version: 1.0.1032
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 946
etag: W/"69c-NvBjnUUHwAKAjdeeaL2dxU8ehFM"
x-served-by: cache-fra19144-FRA, cache-hhn4032-HHN
x-jsd-version-type: version
date: Thu, 08 Jul 2021 15:20:43 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK Cookie set conversion Show response
ask.fm/signup/ 10 KB
4 KB 152ms
152ms XHR
text/html 193.138.77.145
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/signup/conversion

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.145 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

94091c7bcd549d51956d6fd4d1cd48130848dd2bcd124f3bb636295da1d43095

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: locale=en; uuid=c6d9e1ac-7957-4ee2-84bb-5ffb8e7b6782; country=PL; traffic_source=organic; _m_ask_fm_session=T2hXWDdqVWRmcGYxdkkxWC9MTHBxU1RPUGIrWi9zblBBOFp6ZE9hSlVQSXhCa3V6eVNKUklJRXNqUnA1Z1JOK1Z6UUdxUnZkWk1Dc3VucWdpQkRiSWp6ZHBER1lCd0U0d1VpRHRTTDgxZWVHK0xMbzNlQlg3SmloTnlJcVB2RXVIMnNlOXUrUlc1S0R2b3RLTTdENUdGQ1VIZ0xjZDR2SUd2QnhxRnZKd0xkMFZsS0RmZ1FCeFFxMkkrbnFYbUptS0tHdEdVaytoZmNEV1JjUFRPUVZSR1F3alY2RHR2aDI5eExoU2lNN3FoNkdTblkvYlZUckRFSDBGaEFmNjZpcS0tc0tlN1JYbGtSbmxtczh5dWVOUUpNUT09--86e1831bc165e55200f78b0ea191784dbd651d7d; _ym_uid=1625757643160397814; _ym_d=1625757643; _ym_isad=2; _ym_visorc=w
Connection: keep-alive
Referer: https://ask.fm/budgetpaint63531
Accept: */*
Referer: https://ask.fm/budgetpaint63531
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:20:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"4574c5cb01de3752683aedb6f832137e"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Fri, 08 Jul 2022 21:20:45 -0000 tutm=utm_medium%3Dconversion_desktop_default; path=/; expires=Sat, 10 Jul 2021 15:20:45 -0000 _m_ask_fm_session=dFRLN1Z2TzRnWUZIa1lOQmczdnVTdUNJblpZSXlXejh3L0RzbmE5ejl1VVp2Q0pSaUM4NUhuL2FBYTQ2dHphSmk3RklTcEl3KzdWMVhiM0pad0JPSzZDTW82SkFvRklpOUZxeThDdzhObUNueDZMUGtTRnFZODluMXduaWpFV0EvSW1xNGJjbXVYZ0JtSklRclZ6SC9uRDMzejVEQUlPRXhyWEZhZjVLTjdZNDdBaFVSMlNVYVJnM2hiTG03cUdYZ2RuT0dCYjJNNkNRSXV3TE9NUGxxYjA1c2dZbEFRNXFBM0FZNm04OEk0NUhRSTd5UEthNitZVE9CZEFHOHRhMUdnMDcxcGF2dU5mTlhONXpjaGNlNm56YlFsRHNESkJMdlZjalBtQ2JxdUE9LS1pd3hzZ3Boa3ppbWRHbnRZcS90UEJ3PT0%3D--41756ba7936c8c8c21ba0c16cdc18b6e7b9f1e77; path=/; expires=Sun, 11 Jul 2021 15:20:45 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png
d3r6ceqp4shltl.cloudfront.net/assets/ 2 KB
3 KB 10ms
9ms Image
image/png 2600:9000:21f3:8c00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png

Requested by

Host: ask.fm
URL: https://ask.fm/budgetpaint63531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 17:07:55 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
age: 6646370
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 2309
last-modified: Wed, 28 Oct 2020 11:38:17 GMT
server: Ask.FM Web Service
etag: "5f995829-905"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: FLVP_Ku8xYcPEo-AoYSyQR-NUp3oVZyLORzU-hhfgVVlaZP8rT9pnA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png
d3r6ceqp4shltl.cloudfront.net/assets/ 3 KB
4 KB 10ms
10ms Image
image/png 2600:9000:21f3:8c00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png

Requested by

Host: ask.fm
URL: https://ask.fm/budgetpaint63531

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:8c00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:52 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
age: 11505953
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 3404
last-modified: Wed, 28 Oct 2020 11:38:17 GMT
server: Ask.FM Web Service
etag: "5f995829-d4c"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 1Eg_Dvw4PAQLLR86iPveQyEGz6I8bVVPHEoFwrrfDEC49R5wnShlAg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 135ms
135ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=28277793&page-url=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&rn=408621779&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1625757646%3Aw%3A1600x1200%3Av%3A581%3Az%3A120%3Ai%3A20210708172046%3Au%3A1625757643160397814%3Avf%3A2fhsb6k71ko6ila0b%3Awe%3A1%3Ati%3A2%3Ast%3A1625757646

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:46 GMT
last-modified: Thu, 08-Jul-2021 15:20:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 08-Jul-2021 15:20:46 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
73 B 134ms
133ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=28277793&page-url=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&rn=458158796&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1625757646%3Aw%3A1600x1200%3Av%3A581%3Az%3A120%3Ai%3A20210708172046%3Au%3A1625757643160397814%3Avf%3A2fhsb6k71ko6ila0b%3Awe%3A1%3Ati%3A2%3Ast%3A1625757646

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:46 GMT
last-modified: Thu, 08-Jul-2021 15:20:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 08-Jul-2021 15:20:46 GMT

GET
H2 200 optad360.js Show response
serving.stat-rock.com/player/ 304 KB
95 KB 275ms
47ms Script
application/javascript 78.140.185.32
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/optad360.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:47 GMT
content-encoding: gzip
last-modified: Fri, 18 Jun 2021 08:28:33 GMT
server: nginx
etag: W/"60cc5931-4beb9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1
https://mug.criteo.com/sid?cpp=KOFS1nx1U211QXdNQ2k1SW1GTWt4NEloaEM0aS80NjhpV00wYlp6SUw2bDJudDFrUnc2T3BnQ2hEMGw5WStLcHd1a0NIcVlBUy9JSjVVSVlKZlBrQ3BVRm5UdUpYOGV0VGlvMUZ5VWZOVFIwd00rK3NPcmloSWtOOWVOVX...

329 B
592 B

192ms
68ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=KOFS1nx1U211QXdNQ2k1SW1GTWt4NEloaEM0aS80NjhpV00wYlp6SUw2bDJudDFrUnc2T3BnQ2hEMGw5WStLcHd1a0NIcVlBUy9JSjVVSVlKZlBrQ3BVRm5UdUpYOGV0VGlvMUZ5VWZOVFIwd00rK3NPcmloSWtOOWVOVXpITTV3bVMzZG9ubzM1U1VucGtyTXVVRXU0REN1VW1sSHVyZVBmWktEWXptZlpOSFBiM2xUQnZHUjJKeENEZ2JFVTU5bzVNeWNGTk1YMm12ZXF2ZjBCb1pwZVdHbzB3PT18&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

998003392b3da84e01fa969f409e6b75a052c741124c53650741ae4c7aeeeac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 08 Jul 2021 15:20:46 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2579
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 08 Jul 2021 15:20:46 GMT
location: https://mug.criteo.com/sid?cpp=KOFS1nx1U211QXdNQ2k1SW1GTWt4NEloaEM0aS80NjhpV00wYlp6SUw2bDJudDFrUnc2T3BnQ2hEMGw5WStLcHd1a0NIcVlBUy9JSjVVSVlKZlBrQ3BVRm5UdUpYOGV0VGlvMUZ5VWZOVFIwd00rK3NPcmloSWtOOWVOVXpITTV3bVMzZG9ubzM1U1VucGtyTXVVRXU0REN1VW1sSHVyZVBmWktEWXptZlpOSFBiM2xUQnZHUjJKeENEZ2JFVTU5bzVNeWNGTk1YMm12ZXF2ZjBCb1pwZVdHbzB3PT18&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2227
content-length: 455
expires: 0

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
359 B 130ms
62ms XHR
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:20:46 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://ask.fm
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 66ba4c6cdebc4e6e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
365 B 151ms
62ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223a70df4a84813d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fbudgetpaint63531%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224e32a1eb70a985%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224e32a1eb70a985%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224e32a1eb70a985%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a01a5454a2153f1e3c960cedcedb0c5577daaf0e3af2cd20113b488faac5fb7a

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:46 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[PL], RC:[], CN:[EU], CIP:[194.99.105.99], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ask.fm
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 09
expires: Thu, 08 Jul 2021 15:20:46 GMT

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
610 B 267ms
202ms XHR
text/plain 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:20:47 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ask.fm
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZpACoG%2BNiQNCyBcYR4YRjC6qfb%2F2sEK%2B9DwJb%2BD%2Fsh1zbDRcf6wjLjmHzMVs5Y7GDgtBjW8P3T0cF6juq%2BQ09bPu1C0C5W4fvgR9WDOkw%2FJUwsxAFWdfxDtUfxmsuqz4NnlzyC3sS6YYIt1I5g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 66ba4c6cd9642c01-FRA

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
449 B 220ms
125ms XHR
application/json 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTFmNjAyMzg2LWZkYTQtNDI2OS1iMzQ1LTU3MDBlOTQxYWY3ZiZyY3VyPVBMTg%3D%3D&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPTQwMDdiMjJhLTQzMmQtNDlkOC05Y2Y2LTZlNTc4OTVjNjA2NCZyY3VyPVBMTg%3D%3D&pt=gross&stid=708abe50-ea92-4035-a37c-4ab1125d6338&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:46 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 10
expires: -1

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 275ms
173ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ask.fm
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 255 B
1 KB 190ms
91ms XHR
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3d60d8ecae59dd0091b33365e5ddf1bc4437452adc29c5b81e610c307282bce4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:46 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e004fa22-18f5-4bf8-8132-e007597dcb9d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 255
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 247 B
917 B 144ms
48ms XHR
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3f1a3ad1dc70edc443c3b2ed82d7d863b2897565de5d5f4856f61bd6decb0e6b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:46 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9464feb7-dff6-45ab-be6f-0d3c79c103fd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 247
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ 861 B
780 B 408ms
152ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 8d5a679ff64c26fa390c0ead9e9770c6973dea478af0dbd7c8b6db071f854ba0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jul 2021 15:20:46 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 24
content-length: 355

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 94ms
17ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1343
date: Thu, 08 Jul 2021 15:20:45 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 193ms
61ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1013
date: Thu, 08 Jul 2021 15:20:46 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Cookie set budgetpaint63531 Show response
ask.fm/ 15 KB
6 KB 226ms
226ms XHR
text/html 193.138.77.145
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/budgetpaint63531

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.145 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

464eb215a332ec0c5cd6a9fadde1761908f5cc7218bcde0783f90a9bbac23e69

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://ask.fm/budgetpaint63531
Cookie: _pbjs_userid_consent_data=6683316680106290; cto_bidid=SZN7zV9UdjlzdGZuS0dRM0ZkYTU5RkRESHJ1Q1V3MVY2b2xwWUp1NGs4YzdZcTN6TlhQZHZEQlVEJTJGVmo1Z0ZmMjIzb2FXeVlxJTJGaVhTJTJCd1h5TzJvU3lyM2tqQSUzRCUzRA; cto_bundle=b3hX3V9CV1olMkZVZiUyQktIYlVwTnRxbW84bUN4VVZlQ2JZeHBrRGJwMyUyRmVJeTlUczMlMkZGWnZIZ2NDMVZidFpYTTlkb2VvSWF1c1JzcWZGSjY0cG9TSFQ4UkNNcWlCJTJCeTRKeU1Uekg2OGV2YUIzaFNPbXclM0Q
Connection: keep-alive
Referer: https://ask.fm/budgetpaint63531
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:20:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"e79f0b5e2f337eb927b95854aef3aa50"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Fri, 08 Jul 2022 21:20:47 -0000 uuid=0dd23a84-c7f9-4b68-b496-c82d6e65e1ce; path=/; expires=Fri, 08 Jul 2022 21:20:47 -0000; secure; HttpOnly country=PL; path=/; expires=Fri, 08 Jul 2022 21:20:47 -0000 traffic_source=internal; path=/; expires=Sat, 10 Jul 2021 15:20:47 -0000 _m_ask_fm_session=QlJ0MldWMTBqcm5xc1BuTW91RGU2T1g3bFZuNWxmNS9xMXhFc21mM3Y5QTdmckdmOEVQMS9wUmkzdVo3MTN1VWkzOGY2amlJUG1MOEVPMERmd3J1NTlOZHI3UnFXbm9FTEZHZ2tIZzhVL2ZXTlJkcE5hL1psbEZXeHlnQUkwS05aN0FlNTV4cFhHdEF5TkVCbHE2MXZzTDVXSjZCcHkzZ2ZZTjRPVjZ3VU1xR0FrU3lLSjh6ZUJDTGk4SzZwMTFJREh2amdnU3JuV2JpZXkrT1N0VFM0RDUrc3lqQ2ZPOGVUS3o5NHBvQk9EcFJkSzBhenBSaGVKKzhGNDBmSk5vay0tNHZnSE9YRHpmY3dnNmR6YW1wOGdQUT09--408e7e184e3ad64b3e59712980ccd4987d36ec17; path=/; expires=Sun, 11 Jul 2021 15:20:47 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 147ms
48ms Image
image/gif 78.140.185.32
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1625757647395.454&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&t=294&v=91&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.6784248035732996
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 08 Jul 2021 15:20:47 GMT
srvf: 78.140.185.32
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
163 B 146ms
48ms Image
image/gif 78.140.185.32
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1625757647395.454&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&t=303&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.9396265859832562
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 08 Jul 2021 15:20:47 GMT
srvf: 78.140.185.32
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK Cookie set budgetpaint63531 Show response
ask.fm/ 15 KB
6 KB 206ms
206ms XHR
text/html 193.138.77.145
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/budgetpaint63531

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.145 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

2022cd146606e4dbde81d8b02c65bd451415b57c1926b599e8ba860c7ef575fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://ask.fm/budgetpaint63531
Cookie: _pbjs_userid_consent_data=6683316680106290; cto_bidid=SZN7zV9UdjlzdGZuS0dRM0ZkYTU5RkRESHJ1Q1V3MVY2b2xwWUp1NGs4YzdZcTN6TlhQZHZEQlVEJTJGVmo1Z0ZmMjIzb2FXeVlxJTJGaVhTJTJCd1h5TzJvU3lyM2tqQSUzRCUzRA; cto_bundle=b3hX3V9CV1olMkZVZiUyQktIYlVwTnRxbW84bUN4VVZlQ2JZeHBrRGJwMyUyRmVJeTlUczMlMkZGWnZIZ2NDMVZidFpYTTlkb2VvSWF1c1JzcWZGSjY0cG9TSFQ4UkNNcWlCJTJCeTRKeU1Uekg2OGV2YUIzaFNPbXclM0Q; locale=en; uuid=0dd23a84-c7f9-4b68-b496-c82d6e65e1ce; country=PL; traffic_source=internal; _m_ask_fm_session=QlJ0MldWMTBqcm5xc1BuTW91RGU2T1g3bFZuNWxmNS9xMXhFc21mM3Y5QTdmckdmOEVQMS9wUmkzdVo3MTN1VWkzOGY2amlJUG1MOEVPMERmd3J1NTlOZHI3UnFXbm9FTEZHZ2tIZzhVL2ZXTlJkcE5hL1psbEZXeHlnQUkwS05aN0FlNTV4cFhHdEF5TkVCbHE2MXZzTDVXSjZCcHkzZ2ZZTjRPVjZ3VU1xR0FrU3lLSjh6ZUJDTGk4SzZwMTFJREh2amdnU3JuV2JpZXkrT1N0VFM0RDUrc3lqQ2ZPOGVUS3o5NHBvQk9EcFJkSzBhenBSaGVKKzhGNDBmSk5vay0tNHZnSE9YRHpmY3dnNmR6YW1wOGdQUT09--408e7e184e3ad64b3e59712980ccd4987d36ec17
Connection: keep-alive
Referer: https://ask.fm/budgetpaint63531
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:20:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"a8c1b75c761e9a23253597dba4b7edbd"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Fri, 08 Jul 2022 21:20:47 -0000 _m_ask_fm_session=YVZkWW1lRTlaWXVxYTFkOVZWNnhSTnIrM082Vzh2UXRrSFpQQ09VcUtuTFV3Q245MERlQVpzV2NKYTMySDRzckZZYkdkUmk3Zjk1VEtjc3NEeWFnMnJkOGNDWVVNbTJsQ0YrMktXbXZUYnNmbnNZV3g1d3lQYllubGpOOHZIajRrVUdJbWs2alNVY0hXRG1EWDU2SzFIZEJvYVJBYzBvd0RhdkxKNWpsRWZJaFBUc2Q2Qkk4NCtaZG5Rd3ZHekVjZnpaMCs4MktUYjRuTlB3ai9QdVEzR2d1K1lYZDk5MktSUkxCR2QvUXhLUk9nSXd4RXl1Y1ZGWDNlSlpnczUzVS0tWER1WlcvZkRnKzE3MWdTMDJTd2RzZz09--8d9d60c56f42076406997c9554ecdbda0aa27892; path=/; expires=Sun, 11 Jul 2021 15:20:47 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 48ms
47ms Image
image/gif 78.140.185.32
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1625757647395.454&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&t=533&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.07034253988636929
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 08 Jul 2021 15:20:47 GMT
srvf: 78.140.185.32
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 48ms
48ms Image
image/gif 78.140.185.32
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1625757647395.454&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&t=745&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.3438982190624986
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 08 Jul 2021 15:20:47 GMT
srvf: 78.140.185.32
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 49ms
48ms Image
image/gif 78.140.185.32
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1625757647395.454&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&t=746&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.4544103435989095
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Thu, 08 Jul 2021 15:20:47 GMT
srvf: 78.140.185.32
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 139ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=28277793&page-url=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&rn=879065855&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1625757648%3Aw%3A1600x1200%3Av%3A581%3Az%3A120%3Ai%3A20210708172048%3Au%3A1625757643160397814%3Avf%3A2fhsb6k71ko6ila0b%3Awe%3A1%3Ati%3A2%3Ast%3A1625757648

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:48 GMT
last-modified: Thu, 08-Jul-2021 15:20:48 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 08-Jul-2021 15:20:48 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0030 2 KB
823 B 49ms
48ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1625757647063

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1625757647063
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 3E34 1 KB
749 B 40ms
37ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66ba4c81ec654e6e-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 60CB 52 KB
17 KB 208ms
69ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIm7tdEAoYASABKAEwzq-chwY4AUABSAEQzq-chwYYAA..; uuid2=5484831982970985659
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 09 Jul 2021 15:20:52 GMT
Date: Thu, 08 Jul 2021 15:20:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 6D55 2 KB
1 KB 163ms
54ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Thu, 08 Jul 2021 15:20:50 GMT
Connection: keep-alive

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame ECBB 3 KB
1 KB 143ms
130ms Document
text/html 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4174e530077efcb436dc4b47e8020d8286c17388080286dae41695a5f2a8c4a6

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/apacdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=812dad77-fceb-4971-b3e5-ab934c002499
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
content-type: text/html
set-cookie: uid=812dad77-fceb-4971-b3e5-ab934c002499; expires=Wed, 28 Jul 2021 15:20:50 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gmMN2FOihyonNG3FBnsSJSiwDjR5t%2BoocmCl%2B1zLKjfIrklsdOomx3%2FUTtkOW7l2gFeaZLS17yK7BZaxNN%2FHdIUHxOA61ld878%2FQ8dj6WMPkYsHwSY%2BS%2FMpbKMBXnyULAW7ukJfAwclV0xY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66ba4c820a932c01-FRA
content-encoding: br

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=pubmatic&uid=B50F4BA9-7550-4018-8E4C-8105FB69A7C6

0
123 B

132ms
132ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=pubmatic&uid=B50F4BA9-7550-4018-8E4C-8105FB69A7C6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 5
server: envoy

Redirect headers

location: https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=pubmatic&uid=B50F4BA9-7550-4018-8E4C-8105FB69A7C6
date: Thu, 08 Jul 2021 15:20:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=sovrn&uid=2936053175a429216f5371aa

0
138 B

129ms
128ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=sovrn&uid=2936053175a429216f5371aa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: nginx
Location: https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=sovrn&uid=2936053175a429216f5371aa
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 51ms
48ms Image
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dindex_rtb%26uid%3D
https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1
https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=index_rtb&uid=YOcX0p2Jkqug8qtnBVc2DAAA%261112

0
115 B

131ms
130ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=index_rtb&uid=YOcX0p2Jkqug8qtnBVc2DAAA%261112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:49 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=index_rtb&uid=YOcX0p2Jkqug8qtnBVc2DAAA%261112
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 321
Expires: Thu, 08 Jul 2021 15:20:50 GMT

GET
H2

204

verizon_video
prebid.a-mo.net/setuid/
Redirect Chain

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a4b03d93-b068-4eda-a99d-a057a78be3b8
https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a4b03d93-b068-4eda-a99d-a057a78be3b8&verify=true
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a4b03d93-b068-4eda-a99d-a057a78be3b8&apid=UP13e5c84a-e000-11eb-8221-06468847cda4
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a4b03d93-b068-4eda-a99d-a057a78be3b8&apid=UP13e5c84a-e000-11eb-8221-06468847cda4&verify=true
https://prebid.a-mo.net/setuid/verizon_video?uid=UP13e5c84a-e000-11eb-8221-06468847cda4&gdpr=0&gdpr_consent=

0
126 B

131ms
131ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/verizon_video?uid=UP13e5c84a-e000-11eb-8221-06468847cda4&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy

Redirect headers

Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://prebid.a-mo.net/setuid/verizon_video?uid=UP13e5c84a-e000-11eb-8221-06468847cda4&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da4b03d93-b068-4eda-a99d-a057a78be3b8%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=appnexus&uid=5484831982970985659

0
141 B

129ms
128ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=appnexus&uid=5484831982970985659
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:49 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 36e22102-e0bf-4a86-b383-0823a5e42ed1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.a-mo.net/setuid?A=a4b03d93-b068-4eda-a99d-a057a78be3b8&D=&bidder=appnexus&uid=5484831982970985659
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 319B 0
0 48ms
46ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: sync-eu.connectad.io
:scheme: https
:path: /syncer/1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cadsync
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.connectad.io/

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66ba4c823d444e6e-FRA

GET
H2

200

setuid
sync.quantumdex.io/ Frame ECBB
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-be7076ae-37c2-4a49-82ce-4597a2f65a0e

43 B
315 B

136ms
136ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-be7076ae-37c2-4a49-82ce-4597a2f65a0e
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4QpbECzDDrjKujbA0u25eAAshAmGH9PwydyRlTnaYeAJ%2F2Egqr3sPw0LqzKRR3db0A0lADVuC%2B50OR4EzSuREHaMKa2hiQ55E7Lm36yUhhBBFGiqNEduoCfkYWnx2f5IH7Jm6pFrdVryJBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba4c8559732c01-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-be7076ae-37c2-4a49-82ce-4597a2f65a0e
date: Thu, 08 Jul 2021 15:20:50 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame ECBB
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c87e298d93ff43cb47b09e9d

43 B
319 B

133ms
133ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c87e298d93ff43cb47b09e9d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tGHA5c67TJJHoexSv4wsk4FCxUTDg%2Bupi65E3KBY2bL2fWUx7vsHBW%2FOqXU4gjAzsG6GVmdJU9IN3o%2B%2BaO2GUYin3K0gI0ZtpqbcXcPmjJhWcg%2Fx5ITZAAUIKCcWm7Ka0VqmV5nmagGV1V0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba4c83ee5e2c01-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=c87e298d93ff43cb47b09e9d
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame ECBB
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5adec155-b864-47af-91ec-1f5308aecd45

43 B
320 B

131ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5adec155-b864-47af-91ec-1f5308aecd45
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Qf4rCxz%2B%2F07Vpg1NbFSAYUHYtgoWYPl7AMUUjeUl4Ts5n8y%2FogJaR2ZPUrLDeQe%2F%2BIiHc7eJjWUaYdoon1YqMsJnMbjg35sdzv9hFZQuAOn7cYi%2Fe6n9maXzoNNYOuXZtMOm8D4oJ0VRNaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba4c83adc62c01-FRA
content-length: 43

Redirect headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6GcFkHLfGNYtuDWHmvX8SO8k2v8vFeZsbyQmOypSMrqSRibx4jWsocOXMYCQ%2F%2Buki9DwuQ5XXqmrFVYWwpmOEwbb%2BdDZ7WMppgMIjUB0%2FOoWHp7u4jtB1Zge2b45Pp1rTw1nw4dCZMy3"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=5adec155-b864-47af-91ec-1f5308aecd45
cf-ray: 66ba4c82ec612c01-FRA
content-length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame ECBB 0
478 B 216ms
53ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame ECBB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4oXFgf5E2uHoZcQA40pOqrdjZEFTkviLruMuQqY-~A

43 B
453 B

134ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4oXFgf5E2uHoZcQA40pOqrdjZEFTkviLruMuQqY-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zBHfZVH6IBMYB6e42KzvkdqcFFFr16xNHQo1Xhxs4KCfH8fDuC4fsQPtVd298vOPPwOyxYF8AQ9qEUQYdxxqCzPy%2FiULZCYeOdIRlFDxPEJNN72NfMi17XgJFTXCQMV6uAV3XO9eiZorpw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba4c846f732c01-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-4oXFgf5E2uHoZcQA40pOqrdjZEFTkviLruMuQqY-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame ECBB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5484831982970985659

43 B
319 B

131ms
131ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5484831982970985659
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HL8jwpRNv9woxVcAHl%2Bn%2BU%2BH4ATLPAj52cJ8qKmmQRtIFmqziBaWZfzNNbSn2B1NS1gWrhDEQDX0seHFk3zHUdsAmecj2O7HyS9BHt98UR9pNNDwIXYOHGTEMf7lVx%2BYD9d1mEDggrEgRCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba4c83bdff2c01-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: dc3dac90-0922-4f36-ba84-4680ec61e581
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5484831982970985659
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame ECBB
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP13e5c84a-e000-11eb-8221-06468847cda4
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP13e5c84a-e000-11eb-8221-06468847cda4&verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP13e5c84a-e000-11eb-8221-06468847cda4

43 B
316 B

130ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP13e5c84a-e000-11eb-8221-06468847cda4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yQtQSiiE4HfPeTWudRcGChBcdJ4y1edMK7oJKgiM3D1BEt%2F%2Fr2glSrblI0MqIz0aPL3oZDlhLSmQKjV8iDAgP1rIJ4yZ8jJw%2FYNx3K1UbL2DWRAo4rJO8KPrkYbYrkLXKfciucrP0AmGItM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba4c846f772c01-FRA
content-length: 43

Redirect headers

Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP13e5c84a-e000-11eb-8221-06468847cda4
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame ECBB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5484831982970985659

43 B
336 B

130ms
130ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5484831982970985659
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zEnlh%2BcwG6TdaAqMCxQJ5%2BnYMOEIQ%2FNYmfjKTqndMpuUIVzLkY23bfJ4AvK6d8%2Buhq4F0QvJtIkneQgCFMdyQg0CH13iJAiOy%2FNtxtj%2FW2pcQu6QvnOnmdJRSGVloy%2FG%2Fdou3XTk4DRJDUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba4c833cf72c01-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0ac10e89-dbf8-4463-87dc-0d7f938b8cba
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=anx152media&uid=5484831982970985659
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame ECBB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5484831982970985659

43 B
315 B

135ms
134ms

Image
image/gif

2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5484831982970985659
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bsvLy5jyZ5Bvjp534a1vUbK8sc0mCJkwER0z6DnHL%2FGci78MBrAxdV2OMKif8z5zE6%2BhREEz19bMSzv3JeBVS3nFv5Kb8BmiDaT1cF6BLSoCZiHTfOy6x7icHEYLYWuQJf21fTsmwBCJB4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba4c839dc12c01-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 08d301e3-6734-47f0-8d7b-a6a6149b502c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5484831982970985659
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FB71 14 KB
5 KB 174ms
55ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=19561
expires: Thu, 08 Jul 2021 20:46:51 GMT
date: Thu, 08 Jul 2021 15:20:50 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6FF1 2 KB
823 B 51ms
49ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 400 / Show response
ssc-cms.33across.com/ps/ Frame D19F 3 KB
3 KB 442ms
148ms Document
text/html 208.100.17.178
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip178.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: a250c006d6b747d0c6f489b530218db1547979de974f3c9b5ac51aef8c3ae735

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html;charset=utf-8
content-language: en
content-length: 2705
date: Thu, 08 Jul 2021 15:20:50 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 36DC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1

2 KB
3 KB

78ms
78ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 942206f7e2173d461e541d924b9368dd15fcc9e2bd293d3fe9dbd0777a21858c

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1155; CMPRO=1112; CMST=YOcX0mDnF9IA; CMID=YOcX0tIDy6dIQBnsQLW4pgAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|39|230|195|41|88|191
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1909
Expires: Thu, 08 Jul 2021 15:20:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcX0tIDy6dIQBnsQLW4pgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:20:50 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:20:50 GMT CMPRO=1112;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:20:50 GMT CMRUM3=bf60e717d205a0&2960e717d205a0&c360e717d205a00&2760e717d20b40&2d60e717d205a0&f160e717d205a0&5860e717d205a0&e660e717d22760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:20:50 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 08 Jul 2021 15:20:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcX0tIDy6dIQBnsQLW4pgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:20:50 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:20:50 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame 043D 43 B
551 B 196ms
49ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Thu, 08 Jul 2021 15:20:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YOcX1; path=/; domain=.go.sonobi.com

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame AED8 2 KB
3 KB 178ms
66ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c81e71536ac80d49763debd1a00fc8ecf7cfdd86169ac1e5d6ff19185498db25

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YOcX0p2Jkqug8qtnBVc2DAAA; CMPS=1155
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|45|241|39|13|191|64|105
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1794
Expires: Thu, 08 Jul 2021 15:20:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Connection: keep-alive
Set-Cookie: CMID=YOcX0p2Jkqug8qtnBVc2DAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:20:50 GMT CMPS=1155;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:20:50 GMT CMPRO=1112;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 06 Oct 2021 15:20:50 GMT CMRUM3=6960e717d205a0&4060e717d205a0&e660e717d22760&f160e717d205a0&2d60e717d205a0&0d60e717d205a0&2760e717d20b40&bf60e717d205a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 08 Jul 2022 15:20:50 GMT CMST=YOcX0mDnF9IA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 09 Jul 2021 15:20:50 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 60CB 0
731 B 67ms
54ms Script
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 668a5ffa-8ccf-4915-931f-32e9cae6b77e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame FB71 0
42 B 147ms
48ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10716892&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:48 GMT
content-length: 0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame AED8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcX0p2Jkqug8qtnBVc2DAAABFgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YOcX0p2Jkqug8qtnBVc2DAAABFgAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFA4ZYsJ9NKhe-ccLb1-XPU&google_cver=1

43 B
315 B

62ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFA4ZYsJ9NKhe-ccLb1-XPU&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:20:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFA4ZYsJ9NKhe-ccLb1-XPU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AED8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcX0p2Jkqug8qtnBVc2DAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRfr-Jevfltj_00ljtU6NI&google_cver=1

43 B
999 B

129ms
62ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRfr-Jevfltj_00ljtU6NI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:20:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRfr-Jevfltj_00ljtU6NI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame AED8
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0p2Jkqug8qtnBVc2DAAABFgAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0p2Jkqug8qtnBVc2DAAABFgAAAIB&dcc=t

43 B
433 B

136ms
136ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0p2Jkqug8qtnBVc2DAAABFgAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:51 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0p2Jkqug8qtnBVc2DAAABFgAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame AED8 70 B
264 B 189ms
61ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YOcX0p2Jkqug8qtnBVc2DAAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AED8
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06712204038176af753b94d1&expiration=[EXPIRATION]&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06712204038176af753b94d1&expiration=[EXPIRATION]&gdpr=1&C=1

43 B
1011 B

76ms
76ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06712204038176af753b94d1&expiration=[EXPIRATION]&gdpr=1&C=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:21:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:21:01 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:21:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06712204038176af753b94d1&expiration=[EXPIRATION]&gdpr=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 327
Expires: Thu, 08 Jul 2021 15:21:01 GMT

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame AED8 43 B
151 B 6829ms
6733ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.21.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:57 GMT
via: 1.1 google
last-modified: Thu, 08 Jul 2021 15:20:57 GMT
server: nginx/1.21.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Thu, 08 Jul 2021 15:20:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AED8
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1628349650

43 B
982 B

61ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1628349650
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:20:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:50 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1628349650
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame AED8
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
973 B

121ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:20:50 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Thu, 08 Jul 2021 15:20:50 GMT
server: nginx/1.20.0
content-length: 76

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame AED8 43 B
425 B 53ms
51ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YOcX0p2Jkqug8qtnBVc2DAAA%261112
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Jul 2021 15:20:50 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2756
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 16:06:46 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 36DC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOcX0tIDy6dIQBnsQLW4pgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRfr-Jevfltj_00ljtU6NI&google_cver=1

43 B
1009 B

73ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRfr-Jevfltj_00ljtU6NI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:20:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRfr-Jevfltj_00ljtU6NI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 36DC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB&dcc=t

43 B
433 B

138ms
137ms

Image
image/gif

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:51 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 36DC 70 B
265 B 130ms
61ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YOcX0tIDy6dIQBnsQLW4pgAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 36DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPIb8_9TdBS-7DuCoKQCRZs&google_cver=1

43 B
315 B

62ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPIb8_9TdBS-7DuCoKQCRZs&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:20:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPIb8_9TdBS-7DuCoKQCRZs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 36DC
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5189e712-f76c-4d67-ad60-bf659a68044f

43 B
1 KB

103ms
60ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5189e712-f76c-4d67-ad60-bf659a68044f
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:20:50 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-5189e712-f76c-4d67-ad60-bf659a68044f
date: Thu, 08 Jul 2021 15:20:50 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 36DC 43 B
408 B 178ms
57ms Image
image/gif 173.231.181.122
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:50 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-3
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 36DC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YOcX0wACi2p5cgAC
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOcX0wACi2p5cgAC&gdpr=1&_test=YOcX0wACi2p5cgAC

43 B
1 KB

62ms
62ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOcX0wACi2p5cgAC&gdpr=1&_test=YOcX0wACi2p5cgAC
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 15:20:51 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1625757651.135763,VS0,VE0
x-served-by: cache-hhn4031-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YOcX0wACi2p5cgAC&gdpr=1&_test=YOcX0wACi2p5cgAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame 36DC 43 B
253 B 190ms
154ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.21.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:50 GMT
via: 1.1 google
last-modified: Thu, 08 Jul 2021 15:20:50 GMT
server: nginx/1.21.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Thu, 08 Jul 2021 15:20:51 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame 36DC 43 B
347 B 130ms
129ms Image
image/gif 2606:4700:20::681a:34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YOcX0tIDy6dIQBnsQLW4pgAABFgAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:20:50 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tPQF%2F0kaKEIAl%2F9m%2F2n3%2Fiydcf4t4V7uQSzYz73urcMzhX%2BJm6xOO2qp6BtUygYyR61pc73yVuwQiLdB3%2BDOIqYrdg%2Fn1GbuEZKWhKVnTa5X%2FxxlQ4nlQ37RhU9wObQ4JpPIGpJSuf37XMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 66ba4c848fb42c01-FRA
content-length: 43

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 60CB 0
731 B 49ms
49ms Script
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jul 2021 15:20:51 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0f31b194-e038-471a-b022-374682930f56
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 48ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=28277793&page-url=https%3A%2F%2Fask.fm%2Fbudgetpaint63531&rn=666026199&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1625757652%3Aw%3A1600x1200%3Av%3A581%3Az%3A120%3Ai%3A20210708172052%3Au%3A1625757643160397814%3Avf%3A2fhsb6k71ko6ila0b%3Awe%3A1%3Ati%3A2%3Ast%3A1625757652

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 15:20:52 GMT
last-modified: Thu, 08-Jul-2021 15:20:52 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 08-Jul-2021 15:20:52 GMT

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ask.fm/	1970-01-19 19:37:09	Name: _ym_isad Value: 2
.ask.fm/	1970-01-20 04:21:33	Name: _ym_d Value: 1625757643
.ask.fm/	1970-01-20 04:21:33	Name: _ym_uid Value: 1625757643160397814
ask.fm/	1970-01-19 19:40:16	Name: _m_ask_fm_session Value: T2hXWDdqVWRmcGYxdkkxWC9MTHBxU1RPUGIrWi9zblBBOFp6ZE9hSlVQSXhCa3V6eVNKUklJRXNqUnA1Z1JOK1Z6UUdxUnZkWk1Dc3VucWdpQkRiSWp6ZHBER1lCd0U0d1VpRHRTTDgxZWVHK0xMbzNlQlg3SmloTnlJcVB2RXVIMnNlOXUrUlc1S0R2b3RLTTdENUdGQ1VIZ0xjZDR2SUd2QnhxRnZKd0xkMFZsS0RmZ1FCeFFxMkkrbnFYbUptS0tHdEdVaytoZmNEV1JjUFRPUVZSR1F3alY2RHR2aDI5eExoU2lNN3FoNkdTblkvYlZUckRFSDBGaEFmNjZpcS0tc0tlN1JYbGtSbmxtczh5dWVOUUpNUT09--86e1831bc165e55200f78b0ea191784dbd651d7d
ask.fm/	1970-01-20 04:21:55	Name: country Value: PL
ask.fm/	1970-01-20 04:21:55	Name: uuid Value: c6d9e1ac-7957-4ee2-84bb-5ffb8e7b6782
ask.fm/	1970-01-19 19:38:50	Name: traffic_source Value: organic
ask.fm/	1970-01-20 04:21:55	Name: locale Value: en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
adx.adform.net
ap.lijit.com
ask.fm
cdn.connectad.io
cdn.jsdelivr.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.optad360.io
connect.facebook.net
d.adroll.com
d3r6ceqp4shltl.cloudfront.net
dmp.brand-display.com
dsum-sec.casalemedia.com
get.optad360.io
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
ms.quantumdex.io
mug.criteo.com
nep.advangelists.com
onetag-sys.com
pixel-sync.sitescout.com
pixel.advertising.com
prebid.a-mo.net
s.amazon-adsystem.com
serving.stat-rock.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.adotmob.com
sync.go.sonobi.com
sync.quantumdex.io
ups.analytics.yahoo.com
useast.quantumdex.io
www.facebook.com
www.googletagmanager.com
13.248.242.197
136.144.59.88
142.250.185.162
151.101.114.49
173.231.181.122
178.162.133.149
178.250.0.157
18.156.0.31
18.197.47.23
185.183.112.148
185.64.189.115
185.64.190.80
193.138.77.145
2.18.232.130
2.18.233.180
2.18.234.21
208.100.17.178
23.37.38.181
2600:9000:21f3:4000:6:b871:4f00:93a1
2600:9000:21f3:8c00:11:3771:2e40:21
2600:9000:21f3:fc00:11:a4de:2580:93a1
2606:4700:10::6816:37ce
2606:4700:20::681a:34e
2a00:1450:4001:80f::2008
2a02:2638:1::13
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::485
35.170.124.134
35.241.40.233
37.157.4.25
37.252.172.45
51.89.9.252
52.46.130.13
54.78.251.22
66.155.71.25
72.251.249.13
78.140.185.32
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2022cd146606e4dbde81d8b02c65bd451415b57c1926b599e8ba860c7ef575fa
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08
3d60d8ecae59dd0091b33365e5ddf1bc4437452adc29c5b81e610c307282bce4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f1a3ad1dc70edc443c3b2ed82d7d863b2897565de5d5f4856f61bd6decb0e6b
3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed
4174e530077efcb436dc4b47e8020d8286c17388080286dae41695a5f2a8c4a6
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464eb215a332ec0c5cd6a9fadde1761908f5cc7218bcde0783f90a9bbac23e69
467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c26a6237909d2b6ea9ce62f59a02af51bd25af788fa940371341e6d9b9a92c
5898ef219589e811c6392866ec5b20a2184456f5ba0c2cfdbf9251f347efd879
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6f07ba8d9716a5b2bb065745a1236fb31e81778c3c2fbcdb00fed665a7e1ea22
74d3ce7c2a44131def32328cb5d46bded57b93ec0863b09d150a479b1670eab7
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8
8d5a679ff64c26fa390c0ead9e9770c6973dea478af0dbd7c8b6db071f854ba0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94091c7bcd549d51956d6fd4d1cd48130848dd2bcd124f3bb636295da1d43095
942206f7e2173d461e541d924b9368dd15fcc9e2bd293d3fe9dbd0777a21858c
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
998003392b3da84e01fa969f409e6b75a052c741124c53650741ae4c7aeeeac0
a01a5454a2153f1e3c960cedcedb0c5577daaf0e3af2cd20113b488faac5fb7a
a250c006d6b747d0c6f489b530218db1547979de974f3c9b5ac51aef8c3ae735
a90519f2699ba6b3fcce154719527ef8da832763a3cfe8d66b8b78703c5b323e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac0ebb80cc23977a364955d1be04438b5ede083f1c0a02fc5832ee1d57bf637a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399
c6314e77f4d013e42a2359e22b119139e345e8d081fa10f96544e6361501b01c
c81e71536ac80d49763debd1a00fc8ecf7cfdd86169ac1e5d6ff19185498db25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd77389762429404dc640cbcfae9f543004040489d920bfcf2903793d0eea59
f56ad273e0204eb8d21346d7116686e717353c0864546a4e66a72b581e594a75

ask.fm Open in urlscan Pro 193.138.77.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

94 Requests

100 %HTTPS

28 %IPv6

35 Domains

47 Subdomains

30 IPs

9 Countries

808 kBTransfer

2268 kBSize

8 Cookies

12 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

ask.fm Open in urlscan Pro
193.138.77.145 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

100 %
HTTPS

28 %
IPv6

35
Domains

47
Subdomains

30
IPs

9
Countries

808 kB
Transfer

2268 kB
Size

8
Cookies

94 HTTP transactions
1 data transactions