ask.fm Open in urlscan Pro
193.138.77.141  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9371.kfjLweBAIWekTxuoIbAUaYHMlSj2xWzwaJlQm_9JFEPN6EHKjfbDvnhTop3o99hy.h66PXz85Unhmn-2dh0E2iconzQw%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9371.Wl7_5xNY_h05JTIAXSQUyHYIoigNtXdGcD2-86cr7Me3nG1I9i3mL0UW8esZ1LLt-Auhp1M40_GfpD31a2jLkg%2C%2C.FQV30bxUhcMd-x1hHmWRYpLZmZ4%2C

Request Chain 34

• https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fgvlawyers34&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A678%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A427045734492%3Ahid%3A539812565%3Az%3A120%3Ai%3A20210821061716%3Aet%3A1629519437%3Ac%3A1%3Arn%3A826340483%3Au%3A1629519437350846475%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629519435863%3Ads%3A1%2C310%2C163%2C4%2C0%2C0%2C%2C100%2C5%2C%2C%2C%2C579%3Adsn%3A1%2C310%2C163%2C4%2C0%2C0%2C%2C100%2C5%2C%2C%2C%2C579%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629519437%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
• https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fgvlawyers34&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A678%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A427045734492%3Ahid%3A539812565%3Az%3A120%3Ai%3A20210821061716%3Aet%3A1629519437%3Ac%3A1%3Arn%3A826340483%3Au%3A1629519437350846475%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629519435863%3Ads%3A1%2C310%2C163%2C4%2C0%2C0%2C%2C100%2C5%2C%2C%2C%2C579%3Adsn%3A1%2C310%2C163%2C4%2C0%2C0%2C%2C100%2C5%2C%2C%2C%2C579%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629519437%3At%3AAccount%20Suspended%20-%20Ask.fm

Request Chain 46

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=NvnV1nw1SEtEN2NuODFHdzlJNmFTcklPNWh3UUJOamhZZkJJeUNCeGlRdW1FbjBDMzBwT3UxdFBKc0wzcVNaZ1BNclE1bEpqUE95aU5YcTZNNWVLQU1yeGtzM0VacW83NDhXdmpjTlZSRGR2a2lmVFRhY3FOcWVzdGhSQkZVYlJSSU9waUFobXJ4cjVBZXpxcHBSbnMyQTgwaTMydmllK3RlWTIxalVmSXNpL0xXeTBVb3VYaERZa1ZtM3l3OWxoV21xQjNHV0ozY0tDSTJQOGdZY3hsUG9jL3JBPT18&cppv=2

Request Chain 73

• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc HTTP 302
• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&apid=UPada67780-0236-11ec-9adb-0611ef1d130e HTTP 302
• https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&apid=UPada67780-0236-11ec-9adb-0611ef1d130e&verify=true HTTP 302
• https://prebid.a-mo.net/setuid/verizon_video?uid=UPada67780-0236-11ec-9adb-0611ef1d130e&gdpr=0&gdpr_consent=

Request Chain 74

• https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=pubmatic&uid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A

Request Chain 75

• https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
• https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
• https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=index_rtb&uid=YSB.UM2nK6CzyZrxVi9mxAAA%261179

Request Chain 77

• https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
• https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=appnexus&uid=4319340587136485608

Request Chain 78

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=sovrn&uid=312f2f83ef6eb18ee5c9dab4

Request Chain 84

• https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
• https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 85

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4319340587136485608

Request Chain 87

• https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O1SXLeBE2uHmM56OIyH2L5aEjUBCIcaougBKhKo-~A

Request Chain 88

• https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
• https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d6228ff5-1d39-42ce-ac0b-cd8bd785ef71

Request Chain 89

• https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ea88b72e-1dde-4d50-b0b6-3aca445e64d5

Request Chain 90

• https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPada67780-0236-11ec-9adb-0611ef1d130e HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPada67780-0236-11ec-9adb-0611ef1d130e&verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPada67780-0236-11ec-9adb-0611ef1d130e

Request Chain 91

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://sync.quantumdex.io/setuid?bidder=sovrn&uid=312f2f83ef6eb18ee5c9dab4

Request Chain 92

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4319340587136485608

Request Chain 97

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSB.UM2nK6CzyZrxVi9mxAAA HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YSB.UM2nK6CzyZrxVi9mxAAA&google_tc= HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ7GU2X4_Kf6ujMOwLELtUU&google_cver=1&gdpr=1&google_hm=2

Request Chain 98

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEApqFekjWQlTJlSzpc2FdzA&google_cver=1

Request Chain 99

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&dcc=t

Request Chain 102

• https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
• https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6828058401850901653&uid=Q6828058401850901653&ref=%2Feucm%2Fp%2Fcc HTTP 302
• https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 103

• https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=gipapSsa1MhirC5&gdpr=1

Request Chain 104

• https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=95376120-7e50-4100-9513-1ef8967beb25&gdpr=1&gdpr_consent=

Request Chain 106

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&dcc=t

Request Chain 108

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHB42i58Neode4RZ7LGwnFk&google_cver=1

Request Chain 109

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSB.UM2nK6CzyZrxVi9mxAAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEqWoNxShxisX1pdcQOF99I&google_cver=1&gdpr=1&google_hm=2

Request Chain 111

• https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
• https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFQCE7CQP0AABvTwZ_rVg&expiration=1630729041&gdpr=1

Request Chain 112

• https://ums.acuityplatform.com/tum?umid=8 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=601442354729

Request Chain 113

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YSB_UAADrKywTwBg HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSB_UAADrKywTwBg&gdpr=1&_test=YSB_UAADrKywTwBg

Request Chain 119

• https://c1.adform.net/serving/cookie/match?party=14&cid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A

Request Chain 120

• https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4363020146205462268

Request Chain 123

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3DXSwUU7T_O86zhFqiTGOg%3D%3D HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 124

• https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=95376120-7e50-4100-9513-1ef8967beb25

Request Chain 125

• https://pixel.onaudience.com/?partner=214&mapped=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A HTTP 302
• https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
• https://pixel.onaudience.com/?partner=104&icm&cver&mapped=db21899d2015d968a41eab5c05c563a HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://pixel.onaudience.com/?partner=147&mapped=2116c85d-b9af-4646-bdf3-e5c4d9fe19d4&icm HTTP 302
• https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
• https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
• https://pixel.onaudience.com/?partner=161&icm&cver&mapped=fb451debf82f665ce7cc37cb557591c2

Request Chain 126

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REMzNUQyQzEtNDUzQi00RkYzLUJDRUItMzg0NUFBMjRDNjNB&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 127

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIyOztBWbofYjNY0vt_8eE&google_cver=1

Request Chain 129

• https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3265149073714809487

Request Chain 130

• https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:95376120-7e50-4100-9513-1ef8967beb25&gdpr=0&gdpr_consent=

Request Chain 131

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2116c85d-b9af-4646-bdf3-e5c4d9fe19d4

Request Chain 132

• https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4319340587136485608&gdpr=0&gdpr_consent=

Request Chain 133

• https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A&redir=true&gdpr=0&gdpr_consent= HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m_rlgwBE2uVcodBOdD1wIbwgor5HmQA-~A&gdpr=0&gdpr_consent=

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	410 Gone	Primary Request Cookie set gvlawyers34 Show response ask.fm/	12 KB 13 KB	475ms 163ms	Document text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/gvlawyers34 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash a1d592e31d547f74117e0014394ddee7826f44d42c58540071e7872bcbb179ef Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host ask.fm Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Status 410 Gone Cache-Control no-cache X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Date Sat, 21 Aug 2021 04:17:16 GMT Set-Cookie locale=en; path=/; expires=Sun, 21 Aug 2022 10:17:16 -0000 uuid=583f5df7-74d1-4194-8cf9-9520cfe0de92; path=/; expires=Sun, 21 Aug 2022 10:17:16 -0000; secure; HttpOnly country=NL; path=/; expires=Sun, 21 Aug 2022 10:17:16 -0000 _m_ask_fm_session=ajBMVC9Heks3cmV1aUtPWlRLSHA5UVBabENxb1lOTTZURk9FcVNNM3Rmc1hTZ1dNekFuK2FONm1sUGp2bTBjbnlHeVlkQW4wcVdhQmM3a21GWXhHSnJhVG5nTVhsNjFGL2JILzdLUlpoeVpZSGt6ZzRmQkV6SkI0ODJFNU5pMVc0bzVubTJTRzlXVFEvNm1ndFVGMWJxR05DUVFKOVBseXNBenVNcUdjd2VYYmI1TEJONnNINUUrMDdtK0NlL0U4UE5Oc0RUeE9PakpVSndIZHh5OU1waWVKNll5d1MySnRJcjFwdE9tSExheXRET2Y2NFJ4UHFVZzhRVnhhWFVHWC0tcXR6eXFqWkJkM1FKQnJOWWZzeVZtUT09--a49875be21b1ddf621952ce44cd9cac04c2513f6; path=/; expires=Tue, 24 Aug 2021 04:17:16 -0000; secure; HttpOnly Server Ask.FM Web Service Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000
GET H2	200	application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css d3r6ceqp4shltl.cloudfront.net/assets/	184 KB 39 KB	54ms 13ms	Stylesheet text/css	2600:9000:21f3:fc00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:fc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 6bf4d1a5ab84231d4d77a7aa49811be50601ad46f93002a7dfc4b29403980787 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:23:34 GMT content-encoding gzip age 230022 x-cache Hit from cloudfront access-control-max-age 3000 content-length 39692 access-control-allow-origin https://ask.fm last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-9b0c" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type text/css via 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 x-amz-cf-id hvODP_uGVyE2LBEkZgorAmh7tyEqVxixuHaF63uwfM9iP1DN8I839A== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Show response d3r6ceqp4shltl.cloudfront.net/assets/	217 KB 68 KB	54ms 13ms	Script application/javascript	2600:9000:21f3:fc00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:fc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:06:37 GMT content-encoding gzip age 231039 x-cache Hit from cloudfront access-control-max-age 3000 content-length 69074 access-control-allow-origin https://ask.fm last-modified Wed, 18 Aug 2021 07:22:53 GMT server Ask.FM Web Service etag "611cb54d-10dd2" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type application/javascript via 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 x-amz-cf-id E0YSG-Veb5pCgBLX0vMTQ-lx825IRktL7rRfXa-zOCRexMIj2pRwkQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	account-suspended.gif d3r6ceqp4shltl.cloudfront.net/images/errors/	380 KB 380 KB	18ms 18ms	Image image/gif	2600:9000:21f3:fc00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:fc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 15:38:28 GMT via 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront) age 218328 x-cache Hit from cloudfront content-length 388641 last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-5ee21" strict-transport-security max-age=63072000 content-type image/gif cache-control max-age=315360000, public content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id Iw-7jyZyKOAG8zRXYTQYS5mMdqL19gpIufUvx3UMQLLoJ6lGk8qvtA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200	scripts Show response esputnik.com/scripts/v1/public/	36 KB 11 KB	89ms 30ms	Script application/javascript	2a05:d018:ac8:b900:9ae8:4daf:81f1:1980 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWFlYmU1M2QxYjUyMDE3MzM0OWZhOTIxZGExMGU3OWRmYzEwMDRmMjJhOGU1MzE1ZmJlYTIyZTBhMDMzY2FhODU3ZDgzNTY1MGFhYTM0NjEwNjUzNGMxZTcyMjRhOTU2ODVlYmQ0N2JkZDhlYjZkNmIyMDc0NWFhNDY3YjIyMWI0ODI0NTE2MGY4ZmU1OTY5MDU3In0.G6LVcfCiI7Js2CYtqG0BsrNJdgaviLhvqlodAVkkBkzVwQmSlSOsrIkTvP_QNoXGzaogwOdqcjtaXPMKvwWD0A&domain=1152F29B-9126-4F22-869C-ECC03B33FB2B Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:ac8:b900:9ae8:4daf:81f1:1980 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 9524651138ff275f239f46f2bae2ea963f99669434e5fa39b5a3b3f92680b8ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 21 Aug 2021 04:17:16 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript; charset=utf-8 Cache-Control max-age=300 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-XSS-Protection 1; mode=block Expires Sat, 21 Aug 2021 04:22:16 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	224 KB 71 KB	44ms 44ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash c0ecf1302c42850f5a665b0f6e1ff0853816a966dbf2b7b8ce545e89d16dd4c2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:16 GMT content-encoding br last-modified Fri, 20 Aug 2021 14:26:38 GMT etag "611fb217-11d3b" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 73019 expires Sat, 21 Aug 2021 05:17:16 GMT
GET H2	200	3592935.jpg d16vsmxl4d5tw1.cloudfront.net/269/17d48/556d/4ea7/b114/da99f7e8849f/thumb/	3 KB 3 KB	89ms 43ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/269/17d48/556d/4ea7/b114/da99f7e8849f/thumb/3592935.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f4931baedbd687ad1e514edb5b80dda93e675772302698d2b8c9283da7f1c4af Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:56 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Thu, 06 Apr 2017 22:42:32 GMT server AmazonS3 age 29781 etag "bd93a1b0b0a2f9e43a5b580e3d7d12d5" x-cache Hit from cloudfront x-amz-version-id M7tj6qmKDeO0ZPqXD7L3DGhv8.L0kHjy x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 2710 x-amz-cf-id b0UcFaU9qVw4ZKzzI24sgtPVbRQ42kWY2gNn4THc6aqvGtC9WyI6Yg==
GET H2	200	149662.jpg dbq8hrmshvuto.cloudfront.net/e88/62910/1f7f/47c4/93b6/065cb30182bc/thumb/	7 KB 7 KB	60ms 13ms	Image image/jpeg	2600:9000:20eb:6200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/e88/62910/1f7f/47c4/93b6/065cb30182bc/thumb/149662.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:6200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f1c3a808cd7b010198ccc6726dcf88f49ad5c3737542ea794956f5381bfaf7e5 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 14:15:17 GMT via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront) last-modified Wed, 22 Jul 2020 23:26:34 GMT server AmazonS3 age 50520 etag "1283a32905a0053db30c83e78e437b2d" x-cache Hit from cloudfront x-amz-version-id 1EZF7gMmKSH0ZdXK6MXz1YSI0PrxX.__ x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 7007 x-amz-cf-id syw0M-YMRUfvqn4_HbtzKjJyS5-fknV5yCfJVGyDKI2A_hkksCTwDw==
GET H2	200	2320.jpg d16vsmxl4d5tw1.cloudfront.net/9b4/2e32c/3eed/40ed/a1ff/fd81fa561aaa/thumb/	8 KB 8 KB	58ms 14ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/9b4/2e32c/3eed/40ed/a1ff/fd81fa561aaa/thumb/2320.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bf903f02a0b4c5b0cef6b0c472c599ace09d36412372f6f719fb56a581945aa0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id jPA9E3BI9cVS46cSyQzWrCanOTX19iMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Mon, 15 Apr 2019 09:48:16 GMT server AmazonS3 age 31405 etag "5f6dbbc5f88af4e30053222b8f7b3df2" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 19:33:52 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 8112 x-amz-cf-id tQ7h3qBRTXXM0UutowF7-uFOxq34E6uKJ3HFgNiJyuArJ-GX9sVQMA==
GET H2	200	425070.jpg dbq8hrmshvuto.cloudfront.net/6d7/a1d1d/e1b7/48de/b882/8584fd755797/thumb/	10 KB 10 KB	465ms 419ms	Image image/jpeg	2600:9000:20eb:6200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/6d7/a1d1d/e1b7/48de/b882/8584fd755797/thumb/425070.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:6200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 18ffaa95ae4950eb9050e85794620af165250fbe742a51fe4a8b2def302b939b Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:17 GMT via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront) last-modified Wed, 26 Aug 2020 21:54:05 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "23a8ccbd64c30a236742ecf55dd2ec44" x-cache Miss from cloudfront x-amz-version-id gbTkq3i9Hz5n6xist3yxPvkZHuK4c3hm x-amz-storage-class REDUCED_REDUNDANCY accept-ranges bytes content-type image/jpeg content-length 10009 x-amz-cf-id t8rTq0SZRH2DMRVoqsPSsLm2V3riwQr_ljJro2hI7_sRFDCPquJvGQ==
GET H2	200	1020899.jpg dbq8hrmshvuto.cloudfront.net/02d/5df1c/8aad/4db8/a4a7/1413a29376b2/normal/	78 KB 79 KB	87ms 41ms	Image image/jpeg	2600:9000:20eb:6200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/02d/5df1c/8aad/4db8/a4a7/1413a29376b2/normal/1020899.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:6200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 18683227d3d61c561964da3fd54f124d9abc5082594c024ed9aa37fc34b5fb6e Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:20 GMT via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront) last-modified Fri, 26 Aug 2016 20:19:04 GMT server AmazonS3 age 29816 etag "cb66820d4b3b92edaaacc0299211498a" x-cache Hit from cloudfront x-amz-version-id vHcFqW4zBTbQfRfsQpwfvWFJM_epUMQH x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 80090 x-amz-cf-id qeZLrIZWpcpM-Gom0SThEiEajFqlJ187HOUdhqWbeQFXNyM5eEWt5A==
GET H2	200	256865.jpg d16vsmxl4d5tw1.cloudfront.net/b1c/5f9ab/35a6/40c8/807d/2bf866391663/thumb/	5 KB 5 KB	66ms 22ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/b1c/5f9ab/35a6/40c8/807d/2bf866391663/thumb/256865.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a76108af0e6bad345f7192dfe48b1e4ec63573dd873ef2ac8353a7f1894025ee Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:56 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Sat, 23 Jun 2018 22:35:56 GMT server AmazonS3 age 29781 etag "5cbb6d6c6ab75b96629090eb170eae8a" x-cache Hit from cloudfront x-amz-version-id f8IFJbMPpvayB7XFGWJt48yBLeP_PCT1 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 4618 x-amz-cf-id B3oFTeVtHVe7vJrQxEYevciYYWeERorNQet_G_jZRYYL7QVoDs_xiQ==
GET H2	200	78395.jpg d16vsmxl4d5tw1.cloudfront.net/93f/028ac/e4cd/4949/af89/70d4ccd3c2bd/thumb/	3 KB 4 KB	65ms 21ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/93f/028ac/e4cd/4949/af89/70d4ccd3c2bd/thumb/78395.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 47b9ab852cf2c5d8311c994957b1e14c277e4dcde0bad979ec19e0b8068ff92b Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:56 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Thu, 09 Nov 2017 21:04:43 GMT server AmazonS3 age 29781 etag "3594126d9c9f1e1ac1b816c2eb0ed64c" x-cache Hit from cloudfront x-amz-version-id SSk8f_NC8odgb1I1yUw_kjuZXjBhoOmU x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 3330 x-amz-cf-id jG0gmHJFLe1dcAjM37aBaiX8IaX7ITXORJ7Fqi_xt06vs5BVOEhApg==
GET H2	200	25101.jpg d16vsmxl4d5tw1.cloudfront.net/0fe/89712/bb37/4580/a0e5/a38f52676cbc/thumb/	3 KB 4 KB	66ms 22ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/0fe/89712/bb37/4580/a0e5/a38f52676cbc/thumb/25101.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b7fd3113828a12e5f10b0cba35f79e2c31e103ed4156c4c49d7b58416de6d41c Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:20 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Tue, 21 Jan 2020 14:07:45 GMT server AmazonS3 age 29817 etag "3b09295748bca7ae55e3596d3434e5b7" x-cache Hit from cloudfront x-amz-version-id _fsP_7tatqgnIuVD6TInj0DPz3v6guZc x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 3356 x-amz-cf-id -NWtm1Qv4pP7cfQBUFTE7AfO-mf6VNwS5l65kgJYKkNyVgGu8DTFQA==
GET H2	200	IMG_20160302_170653.jpg dbq8hrmshvuto.cloudfront.net/assets2/150/231/050/496/normal/	129 KB 130 KB	17ms 15ms	Image image/jpeg	2600:9000:20eb:6200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/150/231/050/496/normal/IMG_20160302_170653.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:6200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 527accd4cae81e550c647b0ecfe93fd9387f6d0633203a8875eaf86d87703944 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:20 GMT via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront) last-modified Sat, 12 Mar 2016 10:52:23 GMT server AmazonS3 age 29816 etag "853ceef70e37539e3ff5793db21587a7" x-cache Hit from cloudfront x-amz-version-id 6qj8NOd79mwC8BCDzqWCZVBmoQBdVqJj x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 132571 x-amz-cf-id CXALvK0-M1t0ty3xGZuf66Mlh4W532nBRHp_Zk7xWe9djVdqqxNScQ== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	122640.jpg d16vsmxl4d5tw1.cloudfront.net/6e2/d8b4e/0a2e/4580/81b6/9c602f070f29/thumb/	3 KB 3 KB	22ms 21ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/6e2/d8b4e/0a2e/4580/81b6/9c602f070f29/thumb/122640.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0b65d1d8cb24a735f7549c7d3aae647921f8793aa6a785a9f44024173b68e658 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:56 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Sat, 02 Feb 2019 04:17:43 GMT server AmazonS3 age 29781 etag "7b7f9826610c6bc7f5141cd043d163e4" x-cache Hit from cloudfront x-amz-version-id ryeokSU9JG6bmfuVZY0KiitghU1KFisX x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 2585 x-amz-cf-id -hhMseCRv_eXlFCOFFEobso_FCVY9Kx3jorG3Pb5XT134njbKGjRuw==
GET H2	200	1244299.jpg d16vsmxl4d5tw1.cloudfront.net/b73/c05b2/4199/42de/8fb5/84acd36227fb/thumb/	3 KB 4 KB	45ms 43ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/b73/c05b2/4199/42de/8fb5/84acd36227fb/thumb/1244299.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4e66061bab58788c331a73abf7f66cd76851d47c1d9d132dc291c463428e8e62 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:20 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Sat, 10 Feb 2018 07:46:14 GMT server AmazonS3 age 29817 etag "9b4414d219f337141c41bbd9eb65bc38" x-cache Hit from cloudfront x-amz-version-id Wb4JocyTw2o_lv8AVhWbQIrLzgtjMViQ x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 3530 x-amz-cf-id hKUYgasCOhtVuur9TQC4ST-x5n3_AV8UQg2cuSHu0RPc-iBQao5CDA==
GET H2	200	45539.jpg d16vsmxl4d5tw1.cloudfront.net/363/1bb8e/608c/4b05/8cd6/72dc44de9128/thumb/	4 KB 5 KB	31ms 29ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/363/1bb8e/608c/4b05/8cd6/72dc44de9128/thumb/45539.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0dcbff9cab4d6a62094fc682707aaaeeb9f3eb65e87f46e788ea4198f0250743 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:25 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Wed, 26 Sep 2018 00:44:29 GMT server AmazonS3 age 29812 etag "dbffea93eb55a98b606b8386cec21ad4" x-cache Hit from cloudfront x-amz-version-id cdcI6gxckYNZmn3GWHpB0f.meGEESVFx x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 4430 x-amz-cf-id SVaTLQ2DTgZetxAQog2AtoCIZEq8tiN5mPvLjvmp132MFkD0d-1ozg==
GET H2	200	71728.jpg dbq8hrmshvuto.cloudfront.net/4a2/ec3e5/77b2/4339/963c/88af3d4721cc/thumb/	2 KB 2 KB	16ms 14ms	Image image/jpeg	2600:9000:20eb:6200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/4a2/ec3e5/77b2/4339/963c/88af3d4721cc/thumb/71728.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:6200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6416be48d9f73a67312bdeb9a7023f285c1d9fd3b13b4051193aee1f00e10561 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:56 GMT via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront) last-modified Tue, 07 Jul 2020 18:44:17 GMT server AmazonS3 age 29781 etag "de35035c91eebe0d0e1a9a8fc41dcd12" x-cache Hit from cloudfront x-amz-version-id pqYdX5AIILSZhcqr21JOFmL30BnCfqBP x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 2088 x-amz-cf-id GvebtBE02eWRslOdSXQ5ip8dZG4mfxdNzBiKTk-uFIJnK9OzlUPW6A==
GET H2	200	34283.jpg dbq8hrmshvuto.cloudfront.net/28e/50d09/90f2/4450/b5ef/3c2790d41062/thumb/	2 KB 2 KB	15ms 13ms	Image image/jpeg	2600:9000:20eb:6200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/28e/50d09/90f2/4450/b5ef/3c2790d41062/thumb/34283.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:6200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4230e32fc12768666a7246e5f4e1611fe83a3cd8b3fc6cf8f5d860b1de6e03a1 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 32WRUr6QIJDgONHfBZVw5osWNAt2xUpQ via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront) last-modified Sat, 04 Apr 2020 00:25:21 GMT server AmazonS3 age 85884 etag "f3331ff8c8cb6b1d1c653b4d6322aaa1" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 04:25:53 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 1891 x-amz-cf-id nX6K5y1ktfCZX_yaFFIXB5Ye2w1J8lcXj-YmVqFS58lEyf1gdOEvZQ==
GET H2	200	794240.jpg d16vsmxl4d5tw1.cloudfront.net/d95/556f8/9cfc/4677/9766/0aafb06311b7/thumb/	2 KB 3 KB	31ms 30ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/d95/556f8/9cfc/4677/9766/0aafb06311b7/thumb/794240.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cec0eaebcc1ae263d4aee85e070e5a37befe6b543b8f15cadc8f5b31f398fd29 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 16:46:58 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Wed, 10 Oct 2018 21:02:30 GMT server AmazonS3 age 41418 etag "e3a0d45d1e2c28a0eae2a9e148535628" x-cache Hit from cloudfront x-amz-version-id QuqL4CMmK9HGDTwdWkCfiVTST061HjFY x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 2251 x-amz-cf-id L6HNNkz7rhKHTbu15Okpn43ieCjB0qlMOXrebk39jabtE4HpPckr1w==
GET H2	200	65524.jpg dbq8hrmshvuto.cloudfront.net/55f/1c4f3/c532/4541/9c47/140ba4624e74/thumb/	2 KB 2 KB	36ms 35ms	Image image/jpeg	2600:9000:20eb:6200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/55f/1c4f3/c532/4541/9c47/140ba4624e74/thumb/65524.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:6200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash eabbc5eec1300e6bdd5dae2a6325c1b7b91cc2a38c9632712ba4818d9301da41 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:20 GMT via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront) last-modified Sat, 14 Aug 2021 16:33:43 GMT server AmazonS3 age 29817 etag "6e254e4d5c318243915fb81f9f26e1c2" x-cache Hit from cloudfront x-amz-version-id aV7mNzqMYcKBmcgwC4gptxK98rWnnAZV x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 1841 x-amz-cf-id Rzj5du1DDdmvV9Fd-jAMNcwCzacvfDGHEsRgb9BaPmYG6yA4lzBbnQ==
GET H2	200	25761.jpg d16vsmxl4d5tw1.cloudfront.net/0bf/e4b49/cf2f/4c25/bd51/2e0b16017645/thumb/	3 KB 3 KB	23ms 22ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/0bf/e4b49/cf2f/4c25/bd51/2e0b16017645/thumb/25761.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 82115bfafa2b3b3333eba52f7ad65eb9081b75ec6bfefb70f2b337ba69dc5b98 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:20 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Sun, 16 Feb 2020 05:55:37 GMT server AmazonS3 age 29817 etag "d2692451d150dccaee1a0667db4c5a45" x-cache Hit from cloudfront x-amz-version-id 0vUamp6F2EWxejyIdlAfsjSbqgVV.qu0 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 3067 x-amz-cf-id wr_bVLUB-zIgg8HFN63j_HjaEdDC4imy_nXuDb8bPDetAMRg-WVuag==
GET H2	200	1420222.jpg d16vsmxl4d5tw1.cloudfront.net/378/e6001/911b/4b77/ad47/9bb743d2f037/thumb/	5 KB 5 KB	32ms 30ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/378/e6001/911b/4b77/ad47/9bb743d2f037/thumb/1420222.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3231e39e68d777c28ea85f185df31516720a1783574f596133956a0734113c3 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 05:23:03 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Wed, 05 Jul 2017 20:20:37 GMT server AmazonS3 age 82454 etag "e5ab26f5ff87055a15f7e73043f2a391" x-cache Hit from cloudfront x-amz-version-id LVTA2YYvyaTfs2jlgFfSKO66rWo4vBlK x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 4799 x-amz-cf-id IZs9zvxTD4ki6R1lOyIg9joI9EIjhub6C8SJ5a9Jyk1F6i1dfyGmJg==
GET H2	200	88186.jpg dbq8hrmshvuto.cloudfront.net/2a9/f0252/a4b1/4d14/a0e3/cf59f7b3d67c/thumb/	4 KB 5 KB	36ms 34ms	Image image/jpeg	2600:9000:20eb:6200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/2a9/f0252/a4b1/4d14/a0e3/cf59f7b3d67c/thumb/88186.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:6200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8a0cc7ef92e050b82f17cfdebe5a1594d1d5dcfee0fd15456bab56272b9a19b0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id TmcVaS2EpSiaViF51ylbUVaL_FqymKbv via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront) last-modified Mon, 19 Jul 2021 21:29:43 GMT server AmazonS3 age 48931 etag "ea1a3f4d8d554ba21c842bd0724a6b23" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 14:41:46 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 4287 x-amz-cf-id S0a87fHvHaLil0BRdMf79a-c-VvSnuzVVvXoMnWGDSFwXLIBakkVTw==
GET H2	200	66923.png dbq8hrmshvuto.cloudfront.net/617/b9f84/7c6b/4f11/84f6/a31ee53a1c84/thumb/	13 KB 13 KB	423ms 422ms	Image image/png	2600:9000:20eb:6200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/617/b9f84/7c6b/4f11/84f6/a31ee53a1c84/thumb/66923.png Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:6200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 33fa4bb15b52d21334cbaa006b82c6c280fa1e827e6d4a192fdda0c9c960f664 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:17 GMT via 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront) last-modified Fri, 09 Jul 2021 12:04:12 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "00f7318ab593d4bf19d85c573b2f27d8" x-cache Miss from cloudfront x-amz-version-id OSrUuIhn8yGROCFlxJr5vgCnDGXzkS.M x-amz-storage-class REDUCED_REDUNDANCY accept-ranges bytes content-type image/png content-length 13324 x-amz-cf-id vU56WMYQybk9hTEI6TMPI5gBnbcw-22TxbAKjROwf8T5j9z-k5Vi4A==
GET H2	200	148276.jpg d16vsmxl4d5tw1.cloudfront.net/cf6/b381c/0753/4b36/a8b1/3b6a14e9032b/thumb/	3 KB 4 KB	25ms 24ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/cf6/b381c/0753/4b36/a8b1/3b6a14e9032b/thumb/148276.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7ef3c2b5082994eee3df4b79d229c6fb9a7d1dfc0541711efc9b207c7965a67f Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id hLfT4GXnLF0JRiG4RohR3BY.LF8u.O_C via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Sat, 16 Feb 2019 13:53:30 GMT server AmazonS3 age 28327 etag "30b4eda66dcb0064d009bd55e07274c5" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 20:25:10 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 3264 x-amz-cf-id BOn3dM5kU0lA8Nyryu2Mf2vFJ-z0KM870klD9apWhcacD6eZFbC6sg==
GET H2	200	305604.png d16vsmxl4d5tw1.cloudfront.net/3fa/dffed/544c/4ffb/9ba7/b2c19ccfbd82/thumb/	12 KB 13 KB	25ms 24ms	Image image/png	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/3fa/dffed/544c/4ffb/9ba7/b2c19ccfbd82/thumb/305604.png Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 333744540a41255d79aa85c1623ca9a614a2ee5e6a906c538ee29964307f3c9f Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id rP44TD1BgthoNoPFZPpLBfzzPr.QF5YG via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Fri, 17 Nov 2017 16:41:17 GMT server AmazonS3 age 23893 etag "783a215d95204e938317e90b64ff40fd" x-cache Hit from cloudfront content-type image/png x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 21:39:04 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 12723 x-amz-cf-id ANVOke_V7I0TJ_r4xTF8DfI8Ue0N3EzfvRWpj_5cmWro--piAGUmTQ==
GET H2	200	815766.jpg d16vsmxl4d5tw1.cloudfront.net/42f/6b3fe/2f4b/423f/a71a/d7f28b8ca1f3/thumb/	3 KB 3 KB	30ms 28ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/42f/6b3fe/2f4b/423f/a71a/d7f28b8ca1f3/thumb/815766.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a7df9db884e15037efbeff0e0d3cbde5d6bbdc7bb242ce59f64853b657600e05 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 05:55:19 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Tue, 05 Dec 2017 19:49:48 GMT server AmazonS3 age 80518 etag "0a842b8abc53b153a567550372a1b34f" x-cache Hit from cloudfront x-amz-version-id tE8naBQ3JtZ57SpqxvxQRuCnUO7RaoV1 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 2710 x-amz-cf-id 9h-T64lKSsSefj3k5NKJkgB-FNJf5x8e-YGwwK7IC3SX0w2baBf0og==
GET H2	200	88210.jpg d16vsmxl4d5tw1.cloudfront.net/782/e50ca/80ce/4ad4/99af/3493191bb891/thumb/	5 KB 5 KB	32ms 30ms	Image image/jpeg	2600:9000:2190:c600:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/782/e50ca/80ce/4ad4/99af/3493191bb891/thumb/88210.jpg Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:c600:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 93d76eea30926acda7659d35effd98ef5df1cca3cc910911d02dc87dbc61b230 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:00:56 GMT via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) last-modified Tue, 26 Mar 2019 20:52:06 GMT server AmazonS3 age 29781 etag "ab0d9f5b6bf1a78e282d6e2200a3fdf2" x-cache Hit from cloudfront x-amz-version-id 7ngrFddbO2DuIIy9gRWwW7z.C3UjIoGq x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 5116 x-amz-cf-id Cgig-9ht-lijbB8nWst2PMcy409OUAkHcFI-0Uzadc6XvACiX3WDNA==
GET H2	200	fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	17 KB 18 KB	40ms 13ms	Font application/font-woff2	2600:9000:21f3:fc00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:fc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Apr 2021 07:03:25 GMT via 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 9839631 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 17880 last-modified Thu, 29 Apr 2021 05:41:49 GMT server Ask.FM Web Service etag "608a471d-45d8" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id d9LG7plpXhrQRzVioqTIpDG9byW_JNQIy85hhnDBYKJxaTX0IZ4goA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	25 KB 25 KB	40ms 13ms	Font application/font-woff2	2600:9000:21f3:fc00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:fc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:14:43 GMT via 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 15267753 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 25400 last-modified Wed, 06 Sep 2017 12:36:34 GMT server Ask.FM Web Service etag "59afebd2-6338" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id r7xdks7OsGeqks5Zl3ZlygdgNb0-o29VV6Gh-xyUpkoKaDIuuDdseA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	51 KB 52 KB	40ms 13ms	Font application/font-woff2	2600:9000:21f3:fc00:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:fc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 17 Apr 2021 07:55:47 GMT via 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 10873289 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 52204 last-modified Wed, 02 Aug 2017 08:00:22 GMT server Ask.FM Web Service etag "59818696-cbec" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id JRR1W623TfmnIu9Nba-ODfsxRu4EnbGNXULngnonFanletrNxTeWwA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9371.kfjLweBAIWekTxuoIbAUaYHMlSj2xWzwaJlQm_9JFEPN6EHKjfbDvnhTop3o99hy.h66PXz85Unhmn-2dh0E2iconzQw%2C https://mc.yandex.com/sync_cookie_image_decide?token=9371.Wl7_5xNY_h05JTIAXSQUyHYIoigNtXdGcD2-86cr7Me3nG1I9i3mL0UW8esZ1LLt-Auhp1M40_GfpD31a2jLkg%2C%2C.FQV30bxUhcMd-x1hHmWRYpLZmZ4%2C	75 B 75 B	57ms 57ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9371.Wl7_5xNY_h05JTIAXSQUyHYIoigNtXdGcD2-86cr7Me3nG1I9i3mL0UW8esZ1LLt-Auhp1M40_GfpD31a2jLkg%2C%2C.FQV30bxUhcMd-x1hHmWRYpLZmZ4%2C Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:16 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9371.Wl7_5xNY_h05JTIAXSQUyHYIoigNtXdGcD2-86cr7Me3nG1I9i3mL0UW8esZ1LLt-Auhp1M40_GfpD31a2jLkg%2C%2C.FQV30bxUhcMd-x1hHmWRYpLZmZ4%2C date Sat, 21 Aug 2021 04:17:16 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 141 B	43ms 43ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:16 GMT last-modified Fri, 20 Aug 2021 14:26:38 GMT etag "611fb217-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Sat, 21 Aug 2021 05:17:16 GMT
GET H2	200	1 Show response mc.yandex.com/watch/48953915/ Redirect Chain https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fgvlawyers34&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A678%3Afu%3A0%3Aen%3Autf-8%3Al... https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fgvlawyers34&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A678%3Afu%3A0%3Aen%3Autf-8%3...	368 B 403 B	51ms 51ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fgvlawyers34&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A678%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A427045734492%3Ahid%3A539812565%3Az%3A120%3Ai%3A20210821061716%3Aet%3A1629519437%3Ac%3A1%3Arn%3A826340483%3Au%3A1629519437350846475%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629519435863%3Ads%3A1%2C310%2C163%2C4%2C0%2C0%2C%2C100%2C5%2C%2C%2C%2C579%3Adsn%3A1%2C310%2C163%2C4%2C0%2C0%2C%2C100%2C5%2C%2C%2C%2C579%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629519437%3At%3AAccount%20Suspended%20-%20Ask.fm Requested by Host: ask.fm URL: https://ask.fm/gvlawyers34 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 174ab799ce3fb85492efbc2d9a642f144b50bcfdc2a4cf11e6f4964d4ec3bb56 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 21 Aug 2021 04:17:16 GMT x-content-type-options nosniff last-modified Sat, 21-Aug-2021 04:17:16 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 368 x-xss-protection 1; mode=block expires Sat, 21-Aug-2021 04:17:16 GMT Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:16 GMT last-modified Sat, 21-Aug-2021 04:17:16 GMT location /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fgvlawyers34&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A678%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A427045734492%3Ahid%3A539812565%3Az%3A120%3Ai%3A20210821061716%3Aet%3A1629519437%3Ac%3A1%3Arn%3A826340483%3Au%3A1629519437350846475%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629519435863%3Ads%3A1%2C310%2C163%2C4%2C0%2C0%2C%2C100%2C5%2C%2C%2C%2C579%3Adsn%3A1%2C310%2C163%2C4%2C0%2C0%2C%2C100%2C5%2C%2C%2C%2C579%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629519437%3At%3AAccount%20Suspended%20-%20Ask.fm strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Sat, 21-Aug-2021 04:17:16 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	18ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2b8c1efcd45ff51f4464f9c260cff72b9050bf9679479666f245f211b023a8c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 BVveF5/jQlEMsoJjRNdVxg== cross-origin-resource-policy cross-origin expires Sat, 21 Aug 2021 04:29:17 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1687 x-fb-rlafr 0 x-fb-debug MQ+6MkyXXRtiwyB+W7E102Ov1roECfObI89gDDSJu76W87EJVZmwcwgVNRTYKVkmEQUXk2f0LVXsAVdABoklQQ== x-fb-trip-id 686109401 x-fb-content-md5 df0d005c4a91390e94c5141f5e741fe9 cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sat, 21 Aug 2021 04:17:17 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "c01f573400d86a1b5d3355029d1d0b6a" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	gtm.js Show response www.googletagmanager.com/	90 KB 36 KB	15ms 15ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 11f7ef787edc79b550d5f62e41f581e395f5faafa5bbc1611a9ceb4238ee702c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:17 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36434 x-xss-protection 0 last-modified Sat, 21 Aug 2021 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 21 Aug 2021 04:17:17 GMT
GET H2	200	3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response cmp.optad360.io/items/	2 B 359 B	56ms 14ms	Script application/javascript	2600:9000:21f3:d600:6:b871:4f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:d600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 03:48:00 GMT via 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront) last-modified Wed, 28 Apr 2021 09:49:58 GMT server AmazonS3 age 1758 etag "99914b932bd37a50b983c5e7c90ae93b" x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 2 x-amz-cf-id yQNf2g1Up6ux0f1gDao0JrNy088oIIWFtq8o5A62vysCK6BP5vEfPA==
GET H2	200	plugin.min.js Show response get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/	222 KB 50 KB	59ms 15ms	Script application/javascript	2600:9000:21f3:1a00:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 523f7c911bad399274fd6b5344f416d976335ea365a709e7400335a1b8a29d59 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:13:47 GMT content-encoding gzip last-modified Tue, 17 Aug 2021 15:08:20 GMT server AmazonS3 age 211 etag W/"4f6443b257506669739f71e2a9030d1b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront) cache-control public, max-age=3600 x-amz-cf-pop FRA2-C2 x-amz-cf-id iNXi5h1Uu97D72TL2JQ2LcIcDalaKEYZyZT2RXmKrEzgDyDmCEWnvA==
GET H/1.1	204 No Content	Cookie set jsperf Show response ask.fm/track/	0 945 B	108ms 108ms	XHR text/plain	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/track/jsperf?dns=1&tcp=310&tfb=475&req=167&dom=665&all=1147&pid=profile%2Fanswers Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest Cookie locale=en; uuid=583f5df7-74d1-4194-8cf9-9520cfe0de92; country=NL; _m_ask_fm_session=ajBMVC9Heks3cmV1aUtPWlRLSHA5UVBabENxb1lOTTZURk9FcVNNM3Rmc1hTZ1dNekFuK2FONm1sUGp2bTBjbnlHeVlkQW4wcVdhQmM3a21GWXhHSnJhVG5nTVhsNjFGL2JILzdLUlpoeVpZSGt6ZzRmQkV6SkI0ODJFNU5pMVc0bzVubTJTRzlXVFEvNm1ndFVGMWJxR05DUVFKOVBseXNBenVNcUdjd2VYYmI1TEJONnNINUUrMDdtK0NlL0U4UE5Oc0RUeE9PakpVSndIZHh5OU1waWVKNll5d1MySnRJcjFwdE9tSExheXRET2Y2NFJ4UHFVZzhRVnhhWFVHWC0tcXR6eXFqWkJkM1FKQnJOWWZzeVZtUT09--a49875be21b1ddf621952ce44cd9cac04c2513f6; _ym_uid=1629519437350846475; _ym_d=1629519437; _ym_isad=2; _ym_visorc=w Connection keep-alive Referer https://ask.fm/gvlawyers34 Accept */* Referer https://ask.fm/gvlawyers34 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 21 Aug 2021 04:17:17 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Status 204 No Content Cache-Control no-cache Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Sun, 21 Aug 2022 10:17:17 -0000 _m_ask_fm_session=bFc4NjBzZjQ2QWRXNzE1dlhhS3FuKzZ6Z0NkcE93Ni9RVk16RGsxK1BLazI4cHFmOXBTbi9SRjhGVGd6YTJhT0txNHMrZWQyOW82eENiWmdoZVlBQUs0bE9KYk1SdUhPYXNyWE5sOVdoSEhESnQxWGxnK2VVM2ZvM0xtdUFraHZYc21RSXpNZU5IeDlXSWpIZ3RrODVLS3RxNW1vYVdmcW0zdzl2dGxYRVZCVFZPNjRrcThSWThxdDNadE1BOFlqZGgzd0NHeXVNelZUMnJRRUVNTkF4WXVvZkdMUkxVeDcwY1ExQTU4eGQ3SDhxcm1kS2FDY0NHQklLU3UrVlMzZy0tbk1IdnFnOHRvd0FEdTJ2MmRPdnZUZz09--7c9a7d19184c0ce0fe6872732b04ae2162f82a5c; path=/; expires=Tue, 24 Aug 2021 04:17:17 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	230 KB 67 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=fb8f561cba86d94c47db4978de6a72d0 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7ec2ed4cb53a35fd722eb61b40bb276ae2bbbd8b92fe454d32676d7298acfd81 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 seAGva3z74PafvSUBdXdxQ== cross-origin-resource-policy cross-origin expires Sun, 21 Aug 2022 02:31:23 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 68284 x-fb-rlafr 0 x-fb-debug 0Rkj9/dkA9R9ZeEY05r07dQUnFsSbzSPH43SdBOqUgN6Wvphu2fhWfo+Fs+AVAEw6/hkCfXhNmk00K6I2kKNsg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 e9f663eb44a4cdc6470bba20cbeaf665 cross-origin-opener-policy same-origin-allow-popups date Sat, 21 Aug 2021 04:17:17 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "2fd03553bba34d5597c57e80b4c9770d" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	20ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fgvlawyers34&rl=&if=false&ts=1629519437066&sw=1600&sh=1200&at= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:17 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Sat, 21 Aug 2021 04:17:17 GMT
GET H2	200	prebid5.2.0.js Show response get.optad360.io/sf/	437 KB 135 KB	13ms 12ms	Script application/javascript	2600:9000:21f3:1a00:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/prebid5.2.0.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:1a00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a923230515fe265da1f93fcd02d41e37ef4e6bc157358768313d7cb9e5efb7a6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 00:45:24 GMT content-encoding gzip last-modified Fri, 25 Jun 2021 12:08:33 GMT server AmazonS3 age 963114 etag W/"3f120fb160292782175c18b2de386caf" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront) cache-control public, max-age=360000000 x-amz-cf-pop FRA2-C2 x-amz-cf-id SBFKhxGDRVK7EZSvDUIO8kKCdEs6rSayHCnEWCxhxTtPuPmeW6m-9w==
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	38ms 13ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 Protocol H2 Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1858 date Sat, 21 Aug 2021 04:17:17 GMT content-encoding gzip vary Accept-Encoding
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	95ms 31ms	Preflight	37.157.6.246 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Server 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Sat, 21 Aug 2021 04:17:17 GMT content-length 0 cache-control private access-control-allow-origin https://ask.fm access-control-allow-credentials true access-control-allow-methods GET, POST access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With access-control-max-age 86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	6ms 6ms	XHR application/json	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210821 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c9534b411fb92a6a5dc9bd12ab86452a3963dd778a5732f75d053bf10d8f0628 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 3854 x-jsd-version 1.0.1075 x-cache HIT cross-origin-resource-policy cross-origin content-length 905 etag W/"69e-6n7Cf0Lzxr9QMQdjSegn3B4c/F4" x-served-by cache-fra19156-FRA x-jsd-version-type version date Sat, 21 Aug 2021 04:17:17 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 https://mug.criteo.com/sid?cpp=NvnV1nw1SEtEN2NuODFHdzlJNmFTcklPNWh3UUJOamhZZkJJeUNCeGlRdW1FbjBDMzBwT3UxdFBKc0wzcVNaZ1BNclE1bEpqUE95aU5YcTZNNWVLQU1yeGtzM0VacW83NDhXdmpjTlZSRGR2a2lmVFRhY3FOcWVzdGhSQk...	323 B 589 B	106ms 36ms	XHR application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=NvnV1nw1SEtEN2NuODFHdzlJNmFTcklPNWh3UUJOamhZZkJJeUNCeGlRdW1FbjBDMzBwT3UxdFBKc0wzcVNaZ1BNclE1bEpqUE95aU5YcTZNNWVLQU1yeGtzM0VacW83NDhXdmpjTlZSRGR2a2lmVFRhY3FOcWVzdGhSQkZVYlJSSU9waUFobXJ4cjVBZXpxcHBSbnMyQTgwaTMydmllK3RlWTIxalVmSXNpL0xXeTBVb3VYaERZa1ZtM3l3OWxoV21xQjNHV0ozY0tDSTJQOGdZY3hsUG9jL3JBPT18&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash aad7a22a811f6c58c4dfcbfd39cfa579e19901ed6bcf027bda2db74dcefd739a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Sat, 21 Aug 2021 04:17:17 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2128 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Sat, 21 Aug 2021 04:17:16 GMT location https://mug.criteo.com/sid?cpp=NvnV1nw1SEtEN2NuODFHdzlJNmFTcklPNWh3UUJOamhZZkJJeUNCeGlRdW1FbjBDMzBwT3UxdFBKc0wzcVNaZ1BNclE1bEpqUE95aU5YcTZNNWVLQU1yeGtzM0VacW83NDhXdmpjTlZSRGR2a2lmVFRhY3FOcWVzdGhSQkZVYlJSSU9waUFobXJ4cjVBZXpxcHBSbnMyQTgwaTMydmllK3RlWTIxalVmSXNpL0xXeTBVb3VYaERZa1ZtM3l3OWxoV21xQjNHV0ozY0tDSTJQOGdZY3hsUG9jL3JBPT18&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1576 content-length 455 expires 0
POST H2	200	c Show response prebid.a-mo.net/a/	861 B 778 B	314ms 108ms	XHR application/json	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash 8b52a6d14255c6e67435d5c6ef6e17243e284c9f342611da727f4038a2ce31aa Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 21 Aug 2021 04:17:17 GMT content-encoding gzip server envoy vary origin, accept-encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 6 content-length 355
GET H2	200	cygnus Show response htlb.casalemedia.com/	24 B 363 B	88ms 32ms	XHR application/json	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223e62c2dfbe5492%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fgvlawyers34%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224368294300c09b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224368294300c09b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224368294300c09b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash fe302efa15a16ba7bf3f1e70ecd7ea9b6d726ef61344255d6cb5275082aa5c32 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 21 Aug 2021 04:17:17 GMT content-encoding gzip x-ak-initial-geo CC:[NL], RC:[], CN:[EU], CIP:[159.48.55.6], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://ask.fm x-cs-client-geo 12 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 44 x-ak-client-geo 12 expires Sat, 21 Aug 2021 04:17:17 GMT
POST H2	204	openrtb Show response adx.adform.net/adx/	0 402 B	152ms 88ms	XHR text/plain	37.157.6.246 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Sat, 21 Aug 2021 04:17:17 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 684 B	85ms 28ms	XHR application/json	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:17 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid bb99eeb7-a1e3-4b9d-8f47-842b398103bf Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 684 B	83ms 27ms	XHR application/json	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:17 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 56f70a1d-9af6-437c-b73d-fa211e083b8c Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	apacdex Show response useast.quantumdex.io/auction/	0 616 B	206ms 191ms	XHR text/plain	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://useast.quantumdex.io/auction/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 21 Aug 2021 04:17:17 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods POST, GET access-control-allow-origin https://ask.fm report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2u5C1VicFikrpsv75Lnb9EgdX4GNTw5OiNAYgS7VNx3dGK2M0gBqgOZ6qXQan%2Bdq2acpvrle1sVmN3PNuUB86H0RL5oNNHgwhuu3hV6J5gynqiO%2FmwC3ghGgTjDpvYsB0aX8FatTrNEdOYy4aTcrXL1"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 68210d02fd602c19-FRA
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 362 B	150ms 87ms	XHR application/json	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	93ms 31ms	Preflight application/json	178.250.0.157 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=NvnV1nw1SEtEN2NuODFHdzlJNmFTcklPNWh3UUJOamhZZkJJeUNCeGlRdW1FbjBDMzBwT3UxdFBKc0wzcVNaZ1BNclE1bEpqUE95aU5YcTZNNWVLQU1yeGtzM0VacW83NDhXdmpjTlZSRGR2a2lmVFRhY3FOcWVzdGhSQkZVYlJSSU9waUFobXJ4cjVBZXpxcHBSbnMyQTgwaTMydmllK3RlWTIxalVmSXNpL0xXeTBVb3VYaERZa1ZtM3l3OWxoV21xQjNHV0ozY0tDSTJQOGdZY3hsUG9jL3JBPT18&cppv=2 Protocol H2 Server 178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1019 date Sat, 21 Aug 2021 04:17:16 GMT content-encoding gzip vary Accept-Encoding
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 157 B	87ms 87ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=539812565&page-url=https%3A%2F%2Fask.fm%2Fgvlawyers34&rn=376295563&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629519439%3Aw%3A1600x1200%3Av%3A622%3Az%3A120%3Ai%3A20210821061719%3Au%3A1629519437350846475%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629519439 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 21 Aug 2021 04:17:19 GMT last-modified Sat, 21-Aug-2021 04:17:19 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sat, 21-Aug-2021 04:17:19 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 73 B	87ms 86ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=539812565&page-url=https%3A%2F%2Fask.fm%2Fgvlawyers34&rn=494735922&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1629519439%3Aw%3A1600x1200%3Av%3A622%3Az%3A120%3Ai%3A20210821061719%3Au%3A1629519437350846475%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629519439 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 21 Aug 2021 04:17:19 GMT last-modified Sat, 21-Aug-2021 04:17:19 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sat, 21-Aug-2021 04:17:19 GMT
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	31ms 31ms	Preflight	37.157.6.246 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Server 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Sat, 21 Aug 2021 04:17:20 GMT content-length 0 cache-control private access-control-allow-origin https://ask.fm access-control-allow-credentials true access-control-allow-methods GET, POST access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With access-control-max-age 86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	optad360.js Show response serving.stat-rock.com/player/	304 KB 95 KB	99ms 24ms	Script application/javascript	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://serving.stat-rock.com/player/optad360.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT content-encoding gzip last-modified Fri, 18 Jun 2021 08:28:33 GMT server nginx etag W/"60cc5931-4beb9" vary Accept-Encoding content-type application/javascript cache-control public, max-age=600
POST H2	204	openrtb Show response adx.adform.net/adx/	0 401 B	101ms 101ms	XHR text/plain	37.157.6.246 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.246 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Sat, 21 Aug 2021 04:17:20 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 362 B	32ms 32ms	XHR application/json	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 684 B	28ms 27ms	XHR application/json	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid c162ff23-d358-41ea-a32f-d2d2d0d69caf Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 684 B	39ms 39ms	XHR application/json	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid c49a89e8-6936-4030-bc29-b481671c83e6 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated /	630 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	410 Gone	Cookie set gvlawyers34 Show response ask.fm/	12 KB 13 KB	153ms 153ms	XHR text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/gvlawyers34 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash d64513ed6e4806d04e4f22b8b7807c8f580c029b3f004d36028232d2f2c8c2f1 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/gvlawyers34 Connection keep-alive Referer https://ask.fm/gvlawyers34 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 21 Aug 2021 04:17:20 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Content-Type text/html; charset=utf-8 Status 410 Gone Cache-Control no-cache Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Sun, 21 Aug 2022 10:17:20 -0000 uuid=947e1ed1-4eea-4c75-a2e6-29cb67972991; path=/; expires=Sun, 21 Aug 2022 10:17:20 -0000; secure; HttpOnly country=NL; path=/; expires=Sun, 21 Aug 2022 10:17:20 -0000 _m_ask_fm_session=d0w5R0MvdmFCR0tkWVh6a2hta2NnUjRoeDhwNld4bkF6YXRyNEtha3o3K1FVMUZYRmpSeEZKaHA0RnVLa1k3cXdNUnNCY0czU0tHRzhGbVcyM1FCVUNOV1p2cFFEb1hyTEZxSmpDQlVDOHpvUFA5eVV3YURzQmpiVG50RkFueFBjQzlRS08xbzNpQktLeWNQYWtrajQzNmJaeE1xLy9JOVN1UGdROGRPMWR2aXRCUUR6OVc4OTdpT0QvSURHd01sblFOZ1VKeUZmRmpYTjMxWi8vT3ZWYUVHTG52YkpaODhONUdHVnUzdkFCWDRSQ1o3MWk2TWNBVkczMHd6V0FMMy0tWGtxTURZTjZoQzFuRVl0MUV3NzFUUT09--a3a783e8ae851c11cdee222bc09b35a4ae31539b; path=/; expires=Tue, 24 Aug 2021 04:17:20 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 163 B	61ms 19ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629519440505.1367&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fgvlawyers34&t=167&v=91&width=400&z=p%3Adf%3Bv%3AinView%3B&r=0.4896098008216545 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Sat, 21 Aug 2021 04:17:20 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	61ms 20ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629519440505.1367&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fgvlawyers34&t=172&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.8775040219497625 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Sat, 21 Aug 2021 04:17:20 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	apacdex Show response sync.quantumdex.io/usersync/ Frame DF2C	3 KB 1 KB	135ms 126ms	Document text/html	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/usersync/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 536098e541e81e821fc6e8a754f13688a142033db50a2c7e03f8a930899422ab Request headers :method GET :authority sync.quantumdex.io :scheme https :path /usersync/apacdex pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers date Sat, 21 Aug 2021 04:17:20 GMT content-type text/html set-cookie uid=ce40878d-ae34-47c7-a645-72dfa5d82d3b; expires=Fri, 10 Sep 2021 04:17:20 GMT; domain=quantumdex.io; path=/; secure; SameSite=None cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch14iyZb6oq1loMSU6%2FMuYgeiVOLmo%2FsiKioLR1OnmyeOwv9wzNwCuovn1E9bF1nk8vUG32YiohX%2Bg%2Fw1bzWAcZq0rPuJ0Qdx4s%2Fuy7Tr1XZllo2A07511mtEpP8hhAGZUt%2Fr%2B0rFSqwvfOf92TYfw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 68210d17acc12c19-FRA content-encoding br
GET H2	200	/ Show response onetag-sys.com/usync/ Frame FE5A	2 KB 823 B	28ms 28ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1629519437412 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1629519437412 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 19A0	2 KB 823 B	28ms 28ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1629519440234 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1629519440234 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H/1.1	200 OK	ixmatch.html Show response js-sec.indexww.com/um/ Frame D341	2 KB 1 KB	86ms 27ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c Request headers Host js-sec.indexww.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Server Apache Last-Modified Thu, 11 Feb 2021 16:12:45 GMT ETag "e20015-90b-5bb11ca420f07" Accept-Ranges bytes P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Content-Encoding gzip Content-Length 1151 Date Sat, 21 Aug 2021 04:17:20 GMT Connection keep-alive
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame B9BC	52 KB 17 KB	101ms 43ms	Document text/html	2.18.232.130 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-232-130.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Sun, 22 Aug 2021 04:17:22 GMT Date Sat, 21 Aug 2021 04:17:20 GMT Connection keep-alive Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame B470	52 KB 17 KB	87ms 30ms	Document text/html	2.18.232.130 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-232-130.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Sun, 22 Aug 2021 04:17:22 GMT Date Sat, 21 Aug 2021 04:17:20 GMT Connection keep-alive Vary Accept-Encoding
GET H2	204	verizon_video prebid.a-mo.net/setuid/ Redirect Chain https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&verify=true https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&apid=UPada67780-0236-11ec-9adb-0611ef1d130e https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&apid=UPada67780-0236-11ec-9adb-0611ef1d130e&verify=true https://prebid.a-mo.net/setuid/verizon_video?uid=UPada67780-0236-11ec-9adb-0611ef1d130e&gdpr=0&gdpr_consent=	0 124 B	102ms 102ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid/verizon_video?uid=UPada67780-0236-11ec-9adb-0611ef1d130e&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy vary Accept-Encoding Redirect headers Date Sat, 21 Aug 2021 04:17:20 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://prebid.a-mo.net/setuid/verizon_video?uid=UPada67780-0236-11ec-9adb-0611ef1d130e&gdpr=0&gdpr_consent= Connection keep-alive Content-Length 0
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=pubmatic&uid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A	0 143 B	103ms 102ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=pubmatic&uid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:19 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy vary Accept-Encoding Redirect headers location https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=pubmatic&uid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A date Sat, 21 Aug 2021 04:17:19 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dindex_rtb%26uid%3D https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=index_rtb&uid=YSB.UM2nK6CzyZrxVi9mxAAA%261179	0 118 B	103ms 103ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=index_rtb&uid=YSB.UM2nK6CzyZrxVi9mxAAA%261179 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 2 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=index_rtb&uid=YSB.UM2nK6CzyZrxVi9mxAAA%261179 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 321 Expires Sat, 21 Aug 2021 04:17:20 GMT
GET H2	204	/ onetag-sys.com/usync/	0 52 B	29ms 28ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/usync/?tag=img Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=appnexus&uid=4319340587136485608	0 153 B	103ms 103ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=appnexus&uid=4319340587136485608 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid e023f089-c78d-4455-bf6d-d7c8f7a9edf4 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=appnexus&uid=4319340587136485608 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc9eeb24c-75a9-4f7b-ada4-7f1ec1675efc%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=sovrn&uid=312f2f83ef6eb18ee5c9dab4	0 115 B	103ms 103ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=sovrn&uid=312f2f83ef6eb18ee5c9dab4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy vary Accept-Encoding Redirect headers Date Sat, 21 Aug 2021 04:17:20 GMT Server nginx Location https://prebid.a-mo.net/setuid?A=c9eeb24c-75a9-4f7b-ada4-7f1ec1675efc&D=&bidder=sovrn&uid=312f2f83ef6eb18ee5c9dab4 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame 7FB4	2 KB 3 KB	89ms 35ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 2d85d5ae0f5ec353b4579a2269706c1d61ba017373ac13c37186026547a58c53 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://js-sec.indexww.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YSB.UM2nK6CzyZrxVi9mxAAA; CMPS=5190 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js-sec.indexww.com/ Response headers Server Apache Content-Type text/html Dropped-Udsids 45|230|241|39|191|31|47|3 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1929 Expires Sat, 21 Aug 2021 04:17:20 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Connection keep-alive Set-Cookie CMID=YSB.UM2nK6CzyZrxVi9mxAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Aug 2022 04:17:20 GMT CMPS=5190;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Nov 2021 04:17:20 GMT CMPRO=1179;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Nov 2021 04:17:20 GMT CMST=YSB+UGEgflAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 22 Aug 2021 04:17:20 GMT CMRUM3=f161207e5005a0&1f61207e5005a00&2f61207e5005a0&2d61207e5005a0&bf61207e5005a0&2761207e500b40&e661207e502760&0361207e5005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Aug 2022 04:17:20 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame B470	0 727 B	26ms 26ms	Script text/html	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 7db2f08a-7f71-4116-abe3-4736fcf75079 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	410 Gone	Cookie set gvlawyers34 Show response ask.fm/	12 KB 13 KB	145ms 144ms	XHR text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/gvlawyers34 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash bac87a1429559309908e1614b55b51a0a35269606243dfbcc56dc8beec34a0aa Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/gvlawyers34 Cookie locale=en; uuid=947e1ed1-4eea-4c75-a2e6-29cb67972991; country=NL; _m_ask_fm_session=d0w5R0MvdmFCR0tkWVh6a2hta2NnUjRoeDhwNld4bkF6YXRyNEtha3o3K1FVMUZYRmpSeEZKaHA0RnVLa1k3cXdNUnNCY0czU0tHRzhGbVcyM1FCVUNOV1p2cFFEb1hyTEZxSmpDQlVDOHpvUFA5eVV3YURzQmpiVG50RkFueFBjQzlRS08xbzNpQktLeWNQYWtrajQzNmJaeE1xLy9JOVN1UGdROGRPMWR2aXRCUUR6OVc4OTdpT0QvSURHd01sblFOZ1VKeUZmRmpYTjMxWi8vT3ZWYUVHTG52YkpaODhONUdHVnUzdkFCWDRSQ1o3MWk2TWNBVkczMHd6V0FMMy0tWGtxTURZTjZoQzFuRVl0MUV3NzFUUT09--a3a783e8ae851c11cdee222bc09b35a4ae31539b Connection keep-alive Referer https://ask.fm/gvlawyers34 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 21 Aug 2021 04:17:20 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Content-Type text/html; charset=utf-8 Status 410 Gone Cache-Control no-cache Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Sun, 21 Aug 2022 10:17:20 -0000 _m_ask_fm_session=VFNLck50cmFRbmt4YW5rdWNCaGovRUFGTGpVQUJjeWE0L0dMR01hckRpclJXNVpRTEw4N2M2b1daUmVaK285MlordTIvcnlZbFFVUXlVY3F4cnZWeDFiYnI5V3Y3b2REejkrR0pJYTlaYWdkWEFGWmcwZXFhTi9LMlhVVGExY2xaNVkwL3EyUXl6N1dmYXlFWTArRDF3NDV6R3VhVUlEWE1BaG1DUWtMUmhDWFRSU21hYXN3YXJFc2ZGcUV0UHhNSzczV2EzR0x4bHc3K1RTTFZXMzhMS2N1K0svT0lEWkZzd05BVjJmMVJJbkVEaVZJMGlreTR3VHNJRUVOcFZTUy0tNk9tVUtoR0dDdEg2THNZbXA5VG5kUT09--78da10b36e9bc86eb48860540fedae36553469d8; path=/; expires=Tue, 24 Aug 2021 04:17:20 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	25ms 25ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1629519440505.1367&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fgvlawyers34&t=334&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.501792687964369 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Sat, 21 Aug 2021 04:17:20 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame B9BC	0 727 B	26ms 26ms	Script text/html	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 1ed6f8e0-8124-44b8-94eb-cb7c0aa4801b Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200	1.gif id5-sync.com/c/495/0/0/ Frame DF2C Redirect Chain https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=	43 B 1 KB	30ms 29ms	Image image/gif	51.89.7.198 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent= Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.7.198 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS p20.id5-sync.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 21 Aug 2021 04:17:08 GMT Transfer-Encoding chunked Content-Type image/gif;charset=UTF-8 Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR" Redirect headers Location https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent= Date Sat, 21 Aug 2021 04:17:08 GMT Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR"
GET H2	200	setuid sync.quantumdex.io/ Frame DF2C Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4319340587136485608	43 B 335 B	125ms 125ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4319340587136485608 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBBouNG5pAqnza8Ft4lXzUh47B9i5y6pNEb717jhD3goUOu%2BAssWFsQa4tkPKoc6vGTDduJWI8dMd7ujAggGaGChYW94sCYf%2FyVeq7xFyG%2FEKU2kOjkWVzpnDmVAuMNH5wpq84c0KhXAweUr47UHYA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68210d18ade42c19-FRA content-length 43 Redirect headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid d7ad7753-c6fa-4c90-a25a-66d98d1bbd9f Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=appnexus&uid=4319340587136485608 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame DF2C	0 474 B	85ms 19ms	Image text/plain	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame DF2C Redirect Chain https://ups.analytics.yahoo.com/ups/58424/occ https://ups.analytics.yahoo.com/ups/58424/occ?verify=true https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O1SXLeBE2uHmM56OIyH2L5aEjUBCIcaougBKhKo-~A	43 B 507 B	137ms 137ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O1SXLeBE2uHmM56OIyH2L5aEjUBCIcaougBKhKo-~A Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:21 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGJerlMtd7dVKVxvcVXp73B%2FNHLlliDZdntaho54Isg5TDlfsYPsWqqjHvjiNYJg9E%2FQsds%2B5sI53y3Wooq7y9mhyJ162CL%2B%2Byr1CoY5dbqE%2BBR23GlgN%2Bq7SUC5IAK6VIn1%2Ftoj1faZn0%2FiwnDSwA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68210d199f222c19-FRA content-length 43 Redirect headers Date Sat, 21 Aug 2021 04:17:20 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O1SXLeBE2uHmM56OIyH2L5aEjUBCIcaougBKhKo-~A Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame DF2C Redirect Chain https://ms.quantumdex.io/user/sync/quantumdex https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d6228ff5-1d39-42ce-ac0b-cd8bd785ef71	43 B 325 B	133ms 133ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d6228ff5-1d39-42ce-ac0b-cd8bd785ef71 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:21 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCcJEjFT4DtsKtbhchmPyZ5La0jxs0VYVzTDqXUEv8leRl30x2BhsaSkbBPfSjc2QA3VVKy1t5DLz0fi5qrk6Hs%2FB5%2BuS%2F%2FQGI27sNl79Ijf4W0hJvriB2qhoH7xVwnbdTNpHOjTGmFEb7Bs6F2RkQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68210d19bf352c19-FRA content-length 43 Redirect headers date Sat, 21 Aug 2021 04:17:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umZS5KKuA%2BvfJB0vaPt29h9LBXwH7wq6P3o97fpZVLNei3fyY%2BoINkapJ36HGHC60DowbgPp0GfnsvV732kG9rEtGPwLwryEiR05Zugrq%2BYcfeGtoWZZuFaScXaDATN753X78PunablazofRDeo%3D"}],"group":"cf-nel","max_age":604800} location https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d6228ff5-1d39-42ce-ac0b-cd8bd785ef71 cf-ray 68210d188dc72c19-FRA content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame DF2C Redirect Chain https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ea88b72e-1dde-4d50-b0b6-3aca445e64d5	43 B 323 B	143ms 143ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ea88b72e-1dde-4d50-b0b6-3aca445e64d5 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0W1PLP8w%2FJNgTN1bngdjQiorDgt427oVbUdHWzn8pn6L3I1osyN3gcpmf%2BsyEKGY7WDCE0wXEXVr3ekzKdrUY%2FREAqPLgaLZvdyUAlcDtFt2eMHWC8hw00%2F5cywKg5i3g6UNTusidt51Wfhiz0T2rg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68210d191e7c2c19-FRA content-length 43 Redirect headers location https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ea88b72e-1dde-4d50-b0b6-3aca445e64d5 date Sat, 21 Aug 2021 04:17:20 GMT content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame DF2C Redirect Chain https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPada67780-0236-11ec-9adb-0611ef1d130e https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPada67780-0236-11ec-9adb-0611ef1d130e&verify=true https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPada67780-0236-11ec-9adb-0611ef1d130e	43 B 331 B	127ms 127ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPada67780-0236-11ec-9adb-0611ef1d130e Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYB9uyHruscrg3ma847dwmzUSFMaK1GLE%2FzahvnTI40G%2BWl9jgD%2FJlSNBuvxT%2BhVxWlgF1LXdRi7lL2NkA5kACM6wLOq9WOrU8qFZDJMlsqZH7%2BROGQnO1a%2BhGL9XsXjBLM2DYELkVFRyoNQyPFizw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68210d196edc2c19-FRA content-length 43 Redirect headers Date Sat, 21 Aug 2021 04:17:20 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPada67780-0236-11ec-9adb-0611ef1d130e Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame DF2C Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sovrn&uid=312f2f83ef6eb18ee5c9dab4	43 B 329 B	128ms 128ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sovrn&uid=312f2f83ef6eb18ee5c9dab4 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgujHWh8lihzrT0x1jXEjyBMlTX%2Fnu3iMNXc5tl%2FdETru1HIBmzo3Z66biarKMpJEQbLbtJW%2F%2FE85d5oHoO3%2FTpt3svs%2BTxAmerELs0NkOOcS0nohIJVN2fmt6XyzLp7vEZ81kNlO%2FivtX2QegiG0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68210d189de32c19-FRA content-length 43 Redirect headers Date Sat, 21 Aug 2021 04:17:20 GMT Server nginx Location https://sync.quantumdex.io/setuid?bidder=sovrn&uid=312f2f83ef6eb18ee5c9dab4 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame DF2C Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4319340587136485608	43 B 329 B	129ms 129ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4319340587136485608 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDgOUFN3KkxDGXr8HAXETCrdUkjo3ffGkS2%2FCtTkRFF14ELcJxB2ugFKxfwdvB2b%2FmSCm3ZW8N4lJrQ6eM24JX5PFyWZm1o8N%2B3ZKBquIMFr2k4E85uzVXvOsrOaVPJElcsnxE2ESarPbX%2BBxxXMyQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68210d18ade92c19-FRA content-length 43 Redirect headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 52c2e0fd-eb2c-440a-a76a-0bcc321e47f4 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4319340587136485608 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame 8465	2 KB 3 KB	81ms 35ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 059c06b1c9550fde8e4c6998b8a509b0323dcbd836046d2ecd768fc9734eeb5b Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YSB.UM2nK6CzyZrxVi9mxAAA; CMPS=5190; CMPRO=1179; CMST=YSB+UGEgflAA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Server Apache Content-Type text/html Dropped-Udsids 241|39|230|45|190|130|10|88 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1777 Expires Sat, 21 Aug 2021 04:17:20 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Connection keep-alive Set-Cookie CMID=YSB.UM2nK6CzyZrxVi9mxAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Aug 2022 04:17:20 GMT CMPS=5190;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Nov 2021 04:17:20 GMT CMPRO=1179;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Nov 2021 04:17:20 GMT CMRUM3=0a61207e5027600&8261207e50a8c0&2d61207e5005a0&f161207e5005a0&be61207e5005a0&2761207e500b40&e661207e502760&5861207e5005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Aug 2022 04:17:20 GMT
GET H/1.1	200 OK	Cookie set uc.html Show response sync.go.sonobi.com/ Frame ACB0	43 B 551 B	81ms 19ms	Document text/html	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25 Security Headers Name Value X-Xss-Protection 0 Request headers Host sync.go.sonobi.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Date Sat, 21 Aug 2021 04:17:20 GMT Content-Type text/html Transfer-Encoding chunked Expires Sat, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, no-store, private P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Pragma no-cache Tcn Choice Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 X-Xss-Protection 0 Content-Encoding gzip Server sonobi-go Set-Cookie HAPLB5S=s579|YSB+U; path=/; domain=.go.sonobi.com
GET H2	200	/ Show response onetag-sys.com/usync/ Frame BF8F	2 KB 823 B	28ms 28ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2bb78272a859ca6 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame DF0C	14 KB 5 KB	80ms 26ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US cookie KTPCACOOKIE=true; KADUSERCOOKIE=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=81996 expires Sun, 22 Aug 2021 03:03:56 GMT date Sat, 21 Aug 2021 04:17:20 GMT vary Accept-Encoding
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 7FB4 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSB.UM2nK6CzyZrxVi9mxAAA https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YSB.UM2nK6CzyZrxVi9mxAAA&google_tc= https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ7GU2X4_Kf6ujMOwLELtUU&google_cver=1&gdpr=1&google_hm=2	43 B 1 KB	34ms 33ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ7GU2X4_Kf6ujMOwLELtUU&google_cver=1&gdpr=1&google_hm=2 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 21 Aug 2021 04:17:20 GMT Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ7GU2X4_Kf6ujMOwLELtUU&google_cver=1&gdpr=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 341 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame 7FB4 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&gdpr_consent=&us_privacy=&gdpr=1 https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEApqFekjWQlTJlSzpc2FdzA&google_cver=1	43 B 315 B	33ms 33ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEApqFekjWQlTJlSzpc2FdzA&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Sat, 21 Aug 2021 04:17:20 GMT Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEApqFekjWQlTJlSzpc2FdzA&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 7FB4 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&dcc=t	43 B 645 B	108ms 107ms	Image image/gif	52.46.133.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:21 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 3PKJXK164KCPWB0JYSJS Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:21 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid G28ZS8Q2R6V8WWFAND2P Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 7FB4	70 B 265 B	116ms 36ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YSB.UM2nK6CzyZrxVi9mxAAA&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 21 Aug 2021 04:17:20 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	index dmp.brand-display.com/cm/api/ Frame 7FB4	43 B 253 B	169ms 119ms	Image image/gif	35.241.40.233 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 233.40.241.35.bc.googleusercontent.com Software nginx/1.21.1 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 21 Aug 2021 04:17:20 GMT via 1.1 google last-modified Sat, 21 Aug 2021 04:17:20 GMT server nginx/1.21.1 content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 alt-svc clear content-length 43 expires Sat, 21 Aug 2021 04:17:21 GMT
GET H/1.1	200 OK	noop px.owneriq.net/ Frame 7FB4 Redirect Chain https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6828058401850901653&uid=Q6828058401850901653&ref=%2Feucm%2Fp%2Fcc https://px.owneriq.net/noop?ct=image%2Fgif	0 287 B	27ms 27ms	Image image/gif	104.111.242.53 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.owneriq.net/noop?ct=image%2Fgif Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-242-53.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 21 Aug 2021 04:17:21 GMT Server Apache/2.2.15 (CentOS) Connection keep-alive P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" X-Powered-By PHP/5.3.3 Content-Length 0 Content-Type image/gif Redirect headers Location https://px.owneriq.net/noop?ct=image%2Fgif Date Sat, 21 Aug 2021 04:17:21 GMT Server AkamaiGHost Connection keep-alive Content-Length 0
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 7FB4 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=gipapSsa1MhirC5&gdpr=1	43 B 1 KB	32ms 32ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=gipapSsa1MhirC5&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 21 Aug 2021 04:17:20 GMT Redirect headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Server PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0e5ad42a7c615fafc@eu-central-1b@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=604800; includeSubDomains P3P policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI" Location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=gipapSsa1MhirC5&gdpr=1 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 7FB4 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=95376120-7e50-4100-9513-1ef8967beb25&gdpr=1&gdpr_consent=	43 B 1 KB	63ms 31ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=95376120-7e50-4100-9513-1ef8967beb25&gdpr=1&gdpr_consent= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 21 Aug 2021 04:17:20 GMT Redirect headers Date Sat, 21 Aug 2021 04:19:41 GMT Server MT3 3853 9552a83 master cdg-pixel-x29 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=95376120-7e50-4100-9513-1ef8967beb25&gdpr=1&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Sat, 21 Aug 2021 04:19:40 GMT
GET H/1.1	200 OK	htw-pixel.gif js-sec.indexww.com/ht/ Frame 7FB4	43 B 424 B	30ms 29ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://js-sec.indexww.com/ht/htw-pixel.gif?YSB.UM2nK6CzyZrxVi9mxAAA%261179 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 21 Aug 2021 04:17:20 GMT Last-Modified Tue, 24 Jan 2017 19:36:04 GMT Server Apache ETag "da1f1d-2b-546dc3a097100" P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=481 Connection keep-alive Accept-Ranges bytes Content-Type image/gif Content-Length 43 Expires Sat, 21 Aug 2021 04:25:21 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 8465 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&dcc=t	43 B 645 B	108ms 107ms	Image image/gif	52.46.133.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:21 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 2KQ0WZB3AVBWF02WSJN0 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:21 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 58CK45Y1YE8J9WBZEH4Z Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 8465	70 B 264 B	67ms 37ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YSB.UM2nK6CzyZrxVi9mxAAA&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 21 Aug 2021 04:17:20 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame 8465 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&gdpr_consent=&us_privacy=&gdpr=1 https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHB42i58Neode4RZ7LGwnFk&google_cver=1	43 B 315 B	31ms 31ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHB42i58Neode4RZ7LGwnFk&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Sat, 21 Aug 2021 04:17:20 GMT Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHB42i58Neode4RZ7LGwnFk&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 8465 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSB.UM2nK6CzyZrxVi9mxAAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEqWoNxShxisX1pdcQOF99I&google_cver=1&gdpr=1&google_hm=2	43 B 1 KB	32ms 31ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEqWoNxShxisX1pdcQOF99I&google_cver=1&gdpr=1&google_hm=2 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 21 Aug 2021 04:17:20 GMT Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEqWoNxShxisX1pdcQOF99I&google_cver=1&gdpr=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 341 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	400 Request failed due to privacy signals	getuid ib.adnxs.com/ Frame 8465	0 0	30ms 29ms	Image text/html	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 8465 Redirect Chain https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFQCE7CQP0AABvTwZ_rVg&expiration=1630729041&gdpr=1	43 B 1 KB	33ms 32ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFQCE7CQP0AABvTwZ_rVg&expiration=1630729041&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:21 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 21 Aug 2021 04:17:21 GMT Redirect headers location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFQCE7CQP0AABvTwZ_rVg&expiration=1630729041&gdpr=1 Date Sat, 21 Aug 2021 04:17:21 GMT Server nginx Connection keep-alive Content-Length 0 strict-transport-security max-age=2592000; includeSubDomains
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 8465 Redirect Chain https://ums.acuityplatform.com/tum?umid=8 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=601442354729	43 B 1000 B	40ms 33ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=601442354729 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:20 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 21 Aug 2021 04:17:20 GMT Redirect headers access-control-allow-origin * content-length 0 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=601442354729
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 8465 Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YSB_UAADrKywTwBg https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSB_UAADrKywTwBg&gdpr=1&_test=YSB_UAADrKywTwBg	43 B 1 KB	31ms 31ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSB_UAADrKywTwBg&gdpr=1&_test=YSB_UAADrKywTwBg Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:21 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sat, 21 Aug 2021 04:17:21 GMT Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:21 GMT via 1.1 varnish server Varnish x-timer S1629519441.009649,VS0,VE0 x-served-by cache-fra19128-FRA x-cache HIT location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YSB_UAADrKywTwBg&gdpr=1&_test=YSB_UAADrKywTwBg cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	setuid sync.quantumdex.io/ Frame 8465	43 B 331 B	131ms 130ms	Image image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=ix&uid=YSB-UM2nK6CzyZrxVi9mxAAABJsAAAIB Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqJVn0%2FPEJ7zsFb%2FWPxz2ZOF4GcGcFd1hKx6zZJifEwjqam26dyIVzG%2B%2BS72oKyn5kJN2x6P99cT1rF1YoFRrZT80nZMbyQzO%2FlEKTKwUZMsrNcQ8adM8SAuAETz92B8GjDm1BaJrMpo%2FHrMHd64%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68210d191e852c19-FRA content-length 43
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame DF0C	2 KB 3 KB	311ms 20ms	Script text/html	185.64.189.115 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89286835&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash 1e1677a69e1e038cb252137edc9cb65435d87e625107d2a7ab3e65df26245795 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:19 GMT content-type text/html; charset=UTF-8 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	20ms 19ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629519440505.1367&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fgvlawyers34&t=483&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.8097077086663997 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Sat, 21 Aug 2021 04:17:20 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	20ms 20ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1629519440505.1367&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fgvlawyers34&t=483&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.9785406243717722 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Sat, 21 Aug 2021 04:17:20 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	171ms 83ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=539812565&page-url=https%3A%2F%2Fask.fm%2Fgvlawyers34&rn=818370171&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629519441%3Aw%3A1600x1200%3Av%3A622%3Az%3A120%3Ai%3A20210821061721%3Au%3A1629519437350846475%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629519441 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 21 Aug 2021 04:17:21 GMT last-modified Sat, 21-Aug-2021 04:17:21 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sat, 21-Aug-2021 04:17:21 GMT
GET H2	200	match Show response c1.adform.net/serving/cookie/ Frame A2E1 Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&cid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A	35 B 467 B	30ms 30ms	Document image/gif	37.157.2.238 ADFORM
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority c1.adform.net :scheme https :path /serving/cookie/match?CC=1&party=14&cid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br accept-language en-US cookie C=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ads.pubmatic.com/ Response headers server nginx date Sat, 21 Aug 2021 04:17:21 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie uid=6348895550187755226; expires=Wed, 20 Oct 2021 04:17:21 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains Redirect headers server nginx date Sat, 21 Aug 2021 04:17:21 GMT content-length 0 location https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie C=1; expires=Tue, 21 Sep 2021 04:17:21 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame 5742 Redirect Chain https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4363020146205462268	42 B 288 B	20ms 20ms	Document image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4363020146205462268 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers :method GET :authority image2.pubmatic.com :scheme https :path /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4363020146205462268 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br accept-language en-US cookie KADUSERCOOKIE=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A; chkChromeAb67Sec=1; DPSync3=1630713600%3A201_197_219%7C1629590400%3A174; SyncRTB3=1630713600%3A21_13_56_54_3_220_161_7%7C1630108800%3A223%7C1630800000%3A35; KRTBCOOKIE_57=22776-4319340587136485608; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEIIyOztBWbofYjNY0vt_8eE&KRTB&16514-CAESEIIyOztBWbofYjNY0vt_8eE&KRTB&23025-CAESEIIyOztBWbofYjNY0vt_8eE; PugT=1629519439 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ads.pubmatic.com/ Response headers server nginx date Sat, 21 Aug 2021 04:17:20 GMT content-type image/gif; charset=utf-8 content-length 42 set-cookie KRTBCOOKIE_336=5844-4363020146205462268; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 20-Sep-2021 04:17:20 GMT; path=/ PugT=1629519440; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 20-Sep-2021 04:17:20 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 19-Nov-2021 04:17:20 GMT; path=/ x-lat amspug016:0:372 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control no-store, no-cache, private Redirect headers location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4363020146205462268 content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H2	200	usersync.aspx Show response dis.criteo.com/dis/ Frame E1A9	43 B 338 B	358ms 36ms	Document image/gif	178.250.0.163 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers :method GET :authority dis.criteo.com :scheme https :path /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ads.pubmatic.com/ Response headers cache-control no-cache pragma no-cache content-type image/gif expires Sat, 21 Aug 2021 00:00:00 GMT server Microsoft-IIS/10.0 x-errorlevel 0 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1192 date Sat, 21 Aug 2021 04:17:21 GMT content-length 43
GET H2	200	setuid Show response sync.quantumdex.io/ Frame 07C6	43 B 334 B	128ms 126ms	Document image/gif	2606:4700:20::681a:24e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:24e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers :method GET :authority sync.quantumdex.io :scheme https :path /setuid?bidder=pubmatic&uid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br accept-language en-US cookie uid=ce40878d-ae34-47c7-a645-72dfa5d82d3b Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ads.pubmatic.com/ Response headers date Sat, 21 Aug 2021 04:17:21 GMT content-type image/gif content-length 43 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toocqQYF5KcbcRGVMLSSmKPWs4dw2w2eCLVMVPs3NdN0C4t5wjsdNUfviOgLfY7p84bPnNzWvGr7RI6TnMtX84upvF3lCi5Xeh0JfCqvFlpkYWLVa8HrQ%2B1s58Qcfj8R%2BFM4FnNDoJADhKQ9xRO2nQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 68210d1b28b12c19-FRA
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame DF0C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3DXSwUU7T_O86zhFqiTGOg%3D%3D https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=	14 KB 14 KB	27ms 26ms	Image text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:21 GMT content-encoding gzip last-modified Tue, 15 Jun 2021 06:08:03 GMT server Apache/2.2.15 (CentOS) etag "1300708-3945-5c4c7cc02bd56" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=81995 accept-ranges bytes content-type text/html; charset=UTF-8 content-length 5054 expires Sun, 22 Aug 2021 03:03:56 GMT Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:21 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 272 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame DF0C Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=95376120-7e50-4100-9513-1ef8967beb25	0 260 B	312ms 20ms	Image text/plain	185.64.189.114 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=95376120-7e50-4100-9513-1ef8967beb25 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Sat, 21 Aug 2021 04:19:41 GMT Server MT3 3853 9552a83 master cdg-pixel-x5 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=95376120-7e50-4100-9513-1ef8967beb25 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Sat, 21 Aug 2021 04:19:40 GMT
GET H/1.1	200 OK	/ pixel.onaudience.com/ Frame DF0C Redirect Chain https://pixel.onaudience.com/?partner=214&mapped=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D https://pixel.onaudience.com/?partner=104&icm&cver&mapped=db21899d2015d968a41eab5c05c563a https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 https://pixel.onaudience.com/?partner=147&mapped=2116c85d-b9af-4646-bdf3-e5c4d9fe19d4&icm https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 https://pixel.onaudience.com/?partner=161&icm&cver&mapped=fb451debf82f665ce7cc37cb557591c2	35 B 248 B	24ms 24ms	Image image/gif	51.210.112.63 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.onaudience.com/?partner=161&icm&cver&mapped=fb451debf82f665ce7cc37cb557591c2 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 51.210.112.63 , France, ASN16276 (OVH, FR), Reverse DNS pikafka-3.cloudy.ovh Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-length 35 content-type image/gif Redirect headers date Sat, 21 Aug 2021 04:17:21 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://pixel.onaudience.com/?partner=161&icm&cver&mapped=fb451debf82f665ce7cc37cb557591c2 cache-control no-cache access-control-allow-credentials true content-type text/html content-length 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame DF0C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REMzNUQyQzEtNDUzQi00RkYzLUJDRUItMzg0NUFBMjRDNjNB&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 115 B	20ms 20ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cache-control no-store, no-cache, private x-lat amspug007:0:379 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:21 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame DF0C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIyOztBWbofYjNY0vt_8eE&google_cver=1	42 B 438 B	20ms 20ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIyOztBWbofYjNY0vt_8eE&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:19 GMT cache-control no-store, no-cache, private x-lat amspug011:0:302 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:21 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIIyOztBWbofYjNY0vt_8eE&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame DF0C	43 B 609 B	1080ms 20ms	Image image/gif	159.253.128.183 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US), Reverse DNS b7.80.fd9f.ip4.static.sl-reverse.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:22 GMT x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Fri, 20 Aug 2021 04:17:22 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame DF0C Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO... https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3265149073714809487	42 B 233 B	42ms 28ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3265149073714809487 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:21 GMT cache-control no-store, no-cache, private x-lat lhrpug001:0:448 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:21 GMT server nginx location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3265149073714809487 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame DF0C Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:95376120-7e50-4100-9513-1ef8967beb25&gdpr=0&gdpr_consent=	42 B 340 B	112ms 27ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:95376120-7e50-4100-9513-1ef8967beb25&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:21 GMT cache-control no-store, no-cache, private x-lat lhrpug004:0:494 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Sat, 21 Aug 2021 04:19:41 GMT Server MT3 3853 9552a83 master cdg-pixel-x28 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:95376120-7e50-4100-9513-1ef8967beb25&gdpr=0&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Sat, 21 Aug 2021 04:19:40 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame DF0C Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2116c85d-b9af-4646-bdf3-e5c4d9fe19d4	42 B 604 B	83ms 27ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2116c85d-b9af-4646-bdf3-e5c4d9fe19d4 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:21 GMT cache-control no-store, no-cache, private x-lat lhrpug002:0:340 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Sat, 21 Aug 2021 04:17:21 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2116c85d-b9af-4646-bdf3-e5c4d9fe19d4 cache-control private,no-cache, must-revalidate content-type text/html content-length 313
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame DF0C Redirect Chain https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4319340587136485608&gdpr=0&gdpr_consent=	42 B 388 B	20ms 20ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4319340587136485608&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:20 GMT cache-control no-store, no-cache, private x-lat amspug013:0:374 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:21 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid bfa6e340-204e-4bf7-8bf2-e997365fbbd1 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4319340587136485608&gdpr=0&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame DF0C Redirect Chain https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DC35D2C1-453B-4FF3-BCEB-3845AA24C63A&redir=true&gdpr=0&gdpr_consent= https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m_rlgwBE2uVcodBOdD1wIbwgor5HmQA-~A&gdpr=0&gdpr_consent=	0 128 B	306ms 20ms	Image text/plain	185.64.189.114 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m_rlgwBE2uVcodBOdD1wIbwgor5HmQA-~A&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 Aug 2021 04:17:21 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Sat, 21 Aug 2021 04:17:21 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-m_rlgwBE2uVcodBOdD1wIbwgor5HmQA-~A&gdpr=0&gdpr_consent= Connection keep-alive Content-Length 0
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame B470	0 727 B	26ms 26ms	Script text/html	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:21 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 2840caba-5034-461a-ad27-3bbdebc7505e Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame B9BC	0 727 B	26ms 26ms	Script text/html	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 21 Aug 2021 04:17:21 GMT X-Proxy-Origin 159.48.55.6; 159.48.55.6; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 19be813b-c469-4f6a-b1e1-c9764e664d55 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT