ask.fm Open in urlscan Pro
193.138.77.141  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9376.9q5Pg6jwbeI8RVco3BSS1iP06pk4uMy0B4X0SAU4z-HV0uKva5AaNk5_BafQa6z6.jd0mwkjpVuGI7ILfduDW0B2wKH0%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9376.eeaiJnvDcbTk_1hryR-oLD01z6NE0_gEMZpyCGfWFTyA71wkahY7P2WyuB5Eyp-m6FIvmeyC4Okncdq_roF9Tg%2C%2C.3lLCEtJgBVtMtyiXqu533HJqueM%2C

Request Chain 34

• https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcoffeeblood297&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A841637214670%3Ahid%3A849448831%3Az%3A120%3Ai%3A20210825182737%3Aet%3A1629908857%3Ac%3A1%3Arn%3A285714950%3Au%3A1629908857121442250%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629908856412%3Ads%3A1%2C335%2C166%2C1%2C1%2C0%2C%2C89%2C12%2C%2C%2C%2C596%3Adsn%3A1%2C336%2C165%2C2%2C0%2C0%2C%2C90%2C12%2C%2C%2C%2C595%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629908857%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
• https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcoffeeblood297&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A841637214670%3Ahid%3A849448831%3Az%3A120%3Ai%3A20210825182737%3Aet%3A1629908857%3Ac%3A1%3Arn%3A285714950%3Au%3A1629908857121442250%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629908856412%3Ads%3A1%2C335%2C166%2C1%2C1%2C0%2C%2C89%2C12%2C%2C%2C%2C596%3Adsn%3A1%2C336%2C165%2C2%2C0%2C0%2C%2C90%2C12%2C%2C%2C%2C595%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629908857%3At%3AAccount%20Suspended%20-%20Ask.fm

Request Chain 47

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=nJD93HxXeGlOSWV5eU1kbFB5cTJhbm1LYk9IbWhuNkp5eVJjNHlVOW9HN2NiS2hRVzdhcFBDS0IzS2FSWEJ4MUdJMEtYZWpQOUQ2SGRSdzNZNXdBVG5pTmd4OW1qSFJuN3ZZTnN0UHQ2b3VpZXU5c2xoL3dhNXlrUldqTlVaZDltc1BaaWIvcjgydUlkM2c0NERTMCtuVDQrbzJiQTNHVzVSMk14U1dkdWljS3dWUlpIQ1BmNDYrV3ZhNmw5MEJxL292dzNFb2RnQTd4OFIwMUEwUmZsR3BSU1R3PT18&cppv=2

Request Chain 72

• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=d2bba3aa-8054-463e-894a-8d80535ad732 HTTP 302
• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=d2bba3aa-8054-463e-894a-8d80535ad732&verify=true

Request Chain 73

• https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=pubmatic&uid=1A6E6019-11EF-420D-BC6D-39F5E4AAA628

Request Chain 74

• https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
• https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
• https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=index_rtb&uid=YSZvgL2ARPHYv6ld-jxJGAAA%261175

Request Chain 75

• https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dd2bba3aa-8054-463e-894a-8d80535ad732%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
• https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=appnexus&uid=3036622963926583299

Request Chain 76

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=sovrn&uid=deea1eef1ede436936666d9f

Request Chain 81

• https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
• https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 82

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3036622963926583299

Request Chain 83

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3036622963926583299

Request Chain 84

• https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
• https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6ab46a2c-c71f-4589-8d8c-22e1a7765045

Request Chain 86

• https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP6038e178-05c1-11ec-b3fa-02469749efa6 HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP6038e178-05c1-11ec-b3fa-02469749efa6&verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP6038e178-05c1-11ec-b3fa-02469749efa6

Request Chain 87

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://sync.quantumdex.io/setuid?bidder=sovrn&uid=deea1eef1ede436936666d9f

Request Chain 88

• https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-jKM9NStE2uHmBvZso60KKwKaSVXmMaQ3H2UxKHw-~A

Request Chain 89

• https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=55f7665d-5f18-4df7-9d2f-0fbc2090f95c

Request Chain 95

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOV-hkWubg-kFbPCz78YGPM&google_cver=1

Request Chain 96

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSZvgL2ARPHYv6ld-jxJGAAA HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YSZvgL2ARPHYv6ld-jxJGAAA&google_tc= HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDhDyHC8kdExhaZrNBf4PaY&google_cver=1&gdpr=1

Request Chain 97

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&dcc=t

Request Chain 98

• https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TWEI6V5qSV1XJYkVOML4uLm0D9M

Request Chain 99

• https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-6b7fa374-6ba5-455f-855b-6e27f3765544

Request Chain 101

• https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a12204000d9a7f1024d7ce&expiration=[EXPIRATION]&gdpr=1

Request Chain 103

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&dcc=t

Request Chain 104

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSZvgL2ARPHYv6ld-jxJGAAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED1EKbHED6fqRZkN9c9zzbI&google_cver=1&gdpr=1

Request Chain 105

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3G3fsLXJHI-GNvLJzfBww&google_cver=1

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	410 Gone	Primary Request Cookie set coffeeblood297 Show response ask.fm/	11 KB 13 KB	503ms 166ms	Document text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/coffeeblood297 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 4bc7f9a41ed3fc55692bb7f4f9a6c91a457f6f6315969d52e0bcf45219674aa3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host ask.fm Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Status 410 Gone Cache-Control no-cache X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Date Wed, 25 Aug 2021 16:27:36 GMT Set-Cookie locale=en; path=/; expires=Thu, 25 Aug 2022 22:27:36 -0000 uuid=0a830a8d-ba36-4ffe-ae42-740f8123d717; path=/; expires=Thu, 25 Aug 2022 22:27:36 -0000; secure; HttpOnly country=CZ; path=/; expires=Thu, 25 Aug 2022 22:27:36 -0000 _m_ask_fm_session=NG5FTktNSGUyajlkd1pYNmw1YTZ3THNNWTI2OERHMXJvbG95dDREQ2l1OUdIYk4vMXZiaE5vaFdTL1BSbURuZTlRQ1lzN0VJcEhzTWRDaWxmaWNqVFZWeUNsdDgyajhoRlg5czRiMUtHN3JOaEhDVU1SOTJ4NVk3UlVwdXZNaS9uUEx4UUR3WUc1S2FVTW13YXFzb25FR2dlUnQxbmNua0FEbVhIaEVzWU5ucVVUdFJtWGo3Y0prNWtyNnhIWXg1Nk0vS3FET2tyYmN5NlNNSzY4bmdpYjl3UnRaWjdmc3B3Z0UxdytDZ2EyakJaUGNLUFNrdkllU2FiRHAvendCdS0tVlZMcVlPSkZkcll1OHZNdjhUVjd6QT09--13e2660d08fc13bad536d82eb577f239fe8fd28f; path=/; expires=Sat, 28 Aug 2021 16:27:36 -0000; secure; HttpOnly Server Ask.FM Web Service Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000
GET H2	200	application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css d3r6ceqp4shltl.cloudfront.net/assets/	184 KB 39 KB	35ms 7ms	Stylesheet text/css	2600:9000:21f3:5200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:5200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 6bf4d1a5ab84231d4d77a7aa49811be50601ad46f93002a7dfc4b29403980787 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:23:34 GMT content-encoding gzip age 619442 x-cache Hit from cloudfront access-control-max-age 3000 content-length 39692 access-control-allow-origin https://ask.fm last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-9b0c" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type text/css via 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 x-amz-cf-id c7gGKbkA_w-5d480dPrQ0OBIZJ0XV6dSXdecOAiHVuHCSo_qYPM6hw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Show response d3r6ceqp4shltl.cloudfront.net/assets/	217 KB 68 KB	35ms 8ms	Script application/javascript	2600:9000:21f3:5200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:5200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:06:37 GMT content-encoding gzip age 620459 x-cache Hit from cloudfront access-control-max-age 3000 content-length 69074 access-control-allow-origin https://ask.fm last-modified Wed, 18 Aug 2021 07:22:53 GMT server Ask.FM Web Service etag "611cb54d-10dd2" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type application/javascript via 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 x-amz-cf-id uXPj9Lsk4ImVg9hX6P1vhl0Bm4GMASm-pf_Tqb-HxDdLBUM1JMvusg== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	account-suspended.gif d3r6ceqp4shltl.cloudfront.net/images/errors/	380 KB 380 KB	16ms 13ms	Image image/gif	2600:9000:21f3:5200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:5200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 15:38:28 GMT via 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront) age 607748 x-cache Hit from cloudfront content-length 388641 last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-5ee21" strict-transport-security max-age=63072000 content-type image/gif cache-control max-age=315360000, public content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id AOvXJ4h00CiwRQ42kp4QKBXj1kdyFWXxbYRTm9rE3Bgx9X1a5pv49Q== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	224 KB 72 KB	140ms 44ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash ff1343d1a8da5acf42773c36549ced52929ee8cb0e95eaa11acc91a3c8c76914 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:37 GMT content-encoding br last-modified Tue, 24 Aug 2021 11:44:41 GMT etag "6123bebf-11d30" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 73008 expires Wed, 25 Aug 2021 17:27:37 GMT
GET H2	200	64439.jpg d16vsmxl4d5tw1.cloudfront.net/7ee/7209f/1c8c/4215/8780/5e693a63d1d1/thumb/	3 KB 3 KB	68ms 19ms	Image image/jpeg	2600:9000:2190:ca00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/7ee/7209f/1c8c/4215/8780/5e693a63d1d1/thumb/64439.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 73c1739b9702fb7e15d9f2941caee320669c5198f245f6f53666fb8962dfe888 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 16:33:16 GMT via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) last-modified Sun, 04 Aug 2019 12:06:53 GMT server AmazonS3 age 86062 etag "7e408f5583264c5901555c7de5a65bcc" x-cache Hit from cloudfront x-amz-version-id C4yaIWxA6KF9xSQkRfZ1lK7DDbkle71P x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 3013 x-amz-cf-id CR6M4ehu0ahojPOZCKIoLYEwVtdVn3LNGN8IyYaQ4y_oYRk2GIJvhQ==
GET H2	200	Giantravenreadytograb236890.jpg dbq8hrmshvuto.cloudfront.net/assets2/142/743/404/544/normal/	124 KB 125 KB	99ms 51ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/142/743/404/544/normal/Giantravenreadytograb236890.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 91091b8174e85461034dc248922ff5abbfc388ce5c847b486df421078919f483 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 17:56:34 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Sat, 09 Jan 2016 12:45:26 GMT server AmazonS3 age 599463 etag "c2f853dc3cb060ee4bc69b497f229b12" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 127190 x-amz-cf-id sctOnjMmCLPLfnFS-8arWNEWM2XV_c1vcV1y_ByBHZnOOat0rYVPPQ== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	51845.jpg dbq8hrmshvuto.cloudfront.net/341/9a336/83e6/4a33/af02/4e20edc31487/thumb/	3 KB 3 KB	68ms 20ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/341/9a336/83e6/4a33/af02/4e20edc31487/thumb/51845.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash baff26be3327d60e1cf1fc501d3fb7a36aa463976cdb151fdc70ea78db5f69d6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 16:33:16 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Wed, 11 Nov 2020 01:08:22 GMT server AmazonS3 age 86062 etag "775e3bc03e487b219802b3c0a0a67584" x-cache Hit from cloudfront x-amz-version-id fpfRwCOCwi2AugyaBEhIBSw_6MpPDfsm x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 2604 x-amz-cf-id 3VRdiDArTjsfaU3FWSn7u8LA7DJTWgk_KjBI28ABp9uZLh750HvE_w==
GET H2	200	avatar.jpg dbq8hrmshvuto.cloudfront.net/assets/353/023/588/normal/	88 KB 88 KB	70ms 22ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets/353/023/588/normal/avatar.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7ab5352fee5e507ae001a03044a471bfe8d730d3a7dba5f4df2ca127481d8600 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 23:40:23 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Tue, 07 Jan 2014 16:37:13 GMT server AmazonS3 age 146835 etag "71d6d4b00907397ec6c4da6740763769" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 89803 x-amz-cf-id 0i3mYIG26sihx81nkco7t_hM50K0Ff9wq5fMfAiVI074XCmkC8p3OA== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	373888.jpg dbq8hrmshvuto.cloudfront.net/d3d/725ec/e83c/4972/82f1/5af59a74feb2/thumb/	4 KB 5 KB	111ms 64ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/d3d/725ec/e83c/4972/82f1/5af59a74feb2/thumb/373888.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6b7545da2af00d2afd0c92b9d6152fed154eee713ff8125bf389c969632a8a81 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 08:45:49 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Sun, 11 Oct 2020 13:04:58 GMT server AmazonS3 age 27709 etag "17429108d82228be324ceb93e570809d" x-cache Hit from cloudfront x-amz-version-id 4zQh1bDWJ5tJamtJOJ6CAq7ibr2RTw9G x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 4269 x-amz-cf-id HJj3BOniMduNK0BMdpqXLd_zznAoh01q6z8Ey0_fwwYDgZx14Hc5kA==
GET H2	200	2271253.jpg dbq8hrmshvuto.cloudfront.net/d73/ccaaa/ad95/445c/8e9a/32bb0246c1cc/normal/	35 KB 35 KB	96ms 48ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/d73/ccaaa/ad95/445c/8e9a/32bb0246c1cc/normal/2271253.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8c67b3f6e5edcf2ce6a7b184c22f5c28b781d05b85d0054595793e754e27fa7c Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id vjOx92fDB9aemxAQsfYU.C8dqJzolSI1 via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Sun, 23 Oct 2016 08:59:59 GMT server AmazonS3 age 1140 etag "9f9c5aeca478223f1a5333e5dec57cce" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Wed, 25 Aug 2021 16:08:38 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 35858 x-amz-cf-id XyLPmw0zPtiFa_wB7pAHCzw6itXOuJ9NrpGfhMN8xN1OxYf2ck0XNA==
GET H2	200	289930.jpg d16vsmxl4d5tw1.cloudfront.net/0cf/9860a/1ac1/4ed6/a6ae/0e85f506132f/thumb/	2 KB 3 KB	67ms 21ms	Image image/jpeg	2600:9000:2190:ca00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/0cf/9860a/1ac1/4ed6/a6ae/0e85f506132f/thumb/289930.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 91faf2979006332b8194b2f3332fdf8c1c7706c85baa30a5bb9a8b0392e59a28 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id WBhn_Jt7Fdu0WNKP5_bhSW84dqjRFUi. via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) last-modified Wed, 06 Mar 2019 19:52:59 GMT server AmazonS3 age 9921 etag "d34f49fe87e42b54df08399673e31199" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Wed, 25 Aug 2021 13:42:17 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 2417 x-amz-cf-id dxCg06aagsxEE7LVHWO9wvU73L35FdZU0IFJWUXnQFF-cny-K5kg8g==
GET H2	200	739559.png dbq8hrmshvuto.cloudfront.net/d0f/704ed/2f71/42de/974d/14bdb28a1ce1/thumb/	10 KB 10 KB	114ms 67ms	Image image/png	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/d0f/704ed/2f71/42de/974d/14bdb28a1ce1/thumb/739559.png Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d40568182282a2934dcd0d6067bf4bf9cba0096420e09faa4037ed91d8efe1e2 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 08:53:07 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Tue, 03 Nov 2020 13:37:20 GMT server AmazonS3 age 27271 etag "a97ffc99724084c0e65afe5f92664fb4" x-cache Hit from cloudfront x-amz-version-id uwpu8qlbX6zmbtsVCWRGfoFN4pJr6VUv x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/png content-length 10208 x-amz-cf-id KmjmjlkkirDy2VX4_NntGo0Q0TvqdWqH4P2LUPiMvdAGaY1f0UvFEQ==
GET H2	200	269364.jpg dbq8hrmshvuto.cloudfront.net/74c/f00cb/e017/4664/84a7/def365f0e658/normal/	90 KB 91 KB	62ms 44ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/74c/f00cb/e017/4664/84a7/def365f0e658/normal/269364.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3558707d5c29e5257f9e5e6405548736d79152d52a9be7d07bc82085d5ca5b72 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 12:45:37 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Wed, 06 Jul 2016 08:55:39 GMT server AmazonS3 age 13321 etag "ec98329a92383c4d5d44c74f58bd9cbd" x-cache Hit from cloudfront x-amz-version-id v6s7psC_uc5syfE_QNU2SQg1Zr6saDKt x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 92174 x-amz-cf-id -ixrK__tDUUgCCv2toHZ6Ot9LuWMEvIpdtiDR-JRfJq3qmSRznYvbw==
GET H2	200	537250.jpg dbq8hrmshvuto.cloudfront.net/e0e/17923/c06a/4060/b268/528a25f8a9b9/thumb/	4 KB 5 KB	61ms 43ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/e0e/17923/c06a/4060/b268/528a25f8a9b9/thumb/537250.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1682b40b69953f31e56cfdc29f9dd08857a31be59418c0d83e9c20ef6a98368d Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 11:43:08 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Fri, 15 May 2020 18:41:55 GMT server AmazonS3 age 17070 etag "5e606aed697df3bf9f17688e37361fac" x-cache Hit from cloudfront x-amz-version-id Nvj1uXh2Pr9nk2Pj1ehfAbNzobKCEs6x x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 4358 x-amz-cf-id Ulb6T-cgkV5Y36nahpdvhL6odRQYXLm5Wxk__enXRWMzKGPz0n1rIA==
GET H2	200	122414.jpg dbq8hrmshvuto.cloudfront.net/649/ba180/49a7/4152/83bd/bbd93bbf12ae/thumb/	3 KB 3 KB	47ms 28ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/649/ba180/49a7/4152/83bd/bbd93bbf12ae/thumb/122414.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dcb23893eb0fb03b8753aa094f76127e059010f2985ff3f089e34294f59ce42d Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id Upn0Onq2M_440Q_WzAl0V0teZADGmxvX via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Thu, 05 Aug 2021 04:46:55 GMT server AmazonS3 age 43715 etag "543f4cb4c282cc2d31847381b41fb71c" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Wed, 25 Aug 2021 04:19:03 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 2672 x-amz-cf-id YlWNejfe3D30yqH399yNYtKbAmsoE3mHsBDTTotdSJex-YgTu10cnQ==
GET H2	200	52797.jpg d16vsmxl4d5tw1.cloudfront.net/85e/3215a/4dca/4bcf/8dd9/c13fcce64232/thumb/	4 KB 5 KB	476ms 430ms	Image image/jpeg	2600:9000:2190:ca00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/85e/3215a/4dca/4bcf/8dd9/c13fcce64232/thumb/52797.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a38623ad87d9ab92aefdb37f5f999158e7bd400ff26d4d7908a8fde12e5a5dfd Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:38 GMT via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) last-modified Wed, 09 May 2018 21:00:24 GMT server AmazonS3 x-amz-cf-pop ZRH50-C1 etag "9899094a7e389eb5d3c45079904ad3eb" x-cache Miss from cloudfront x-amz-version-id JQRttC6W3mPs2Qm0zYWLkncalinqdZbC x-amz-storage-class REDUCED_REDUNDANCY accept-ranges bytes content-type image/jpeg content-length 4345 x-amz-cf-id MpX6bpCCF-LBPc37XHg_p1mcrWRQg5l4xZ3wVbtTzggpD2DTOIB8Cg==
GET H2	200	70882.jpg dbq8hrmshvuto.cloudfront.net/89d/6d015/59b5/45f5/848e/7f6320718764/thumb/	2 KB 2 KB	55ms 36ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/89d/6d015/59b5/45f5/848e/7f6320718764/thumb/70882.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a6904951d039fece466d13d17976fb8934efce3cfbaec2f3167efe54e1855e8f Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id MimcNRHthn6MxKEcTFkwLRJpLzwpiAOF via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Thu, 03 Dec 2020 08:20:58 GMT server AmazonS3 age 27244 etag "108659e699722030137d73e7736f2064" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Wed, 25 Aug 2021 08:53:34 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 1666 x-amz-cf-id G80Yu8zr8QlcSaYyV79kOsEJ9sx-he90c6aEWegrB5ZgsnyN6a_2lQ==
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/100/782/208/256/normal/	72 KB 72 KB	47ms 29ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/100/782/208/256/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1b0b4237dbc8f0a910051990e13a246e0998daebddef19477fca46dd8cfb01a6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:26:46 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Sun, 17 May 2015 17:38:49 GMT server AmazonS3 age 51 etag "581a39d65c99a7937141433318e5f876" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 73633 x-amz-cf-id Z00YVYbJ9NVMvUgnyAuIjNyGUwUjC7MH1F3mrEThA3S2pHjs0-Kc0A== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	47386.jpg d16vsmxl4d5tw1.cloudfront.net/e31/57c65/ee9b/4786/b930/ac76fa80fe16/thumb/	3 KB 4 KB	40ms 21ms	Image image/jpeg	2600:9000:2190:ca00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/e31/57c65/ee9b/4786/b930/ac76fa80fe16/thumb/47386.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a5a77cd0587d3878f7f43fe13d542ced9952a0df277afcf32c7d32b045c8bb26 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id P42huwumb5yAoVTOcokW1ppOg5P84CkN via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) last-modified Tue, 02 Apr 2019 21:22:09 GMT server AmazonS3 age 18802 etag "a5f198d3d36987c2e408a8118267b9a7" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Wed, 25 Aug 2021 11:14:16 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 3319 x-amz-cf-id 0ZKWSvukkebdAwUNgjapzOYdU1vni_ssu6flKZNh-LTZ-_8QYicOBQ==
GET H2	200	457663.jpg d16vsmxl4d5tw1.cloudfront.net/e1a/c604d/0b4a/4ac4/b6ca/f479c9804ee9/thumb/	4 KB 4 KB	41ms 22ms	Image image/jpeg	2600:9000:2190:ca00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/e1a/c604d/0b4a/4ac4/b6ca/f479c9804ee9/thumb/457663.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash abbbd29403cc52a456f9eb0ba1aa5fd40d8c7e9a653abed78c9258374da9dd63 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 19:19:23 GMT via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) last-modified Wed, 22 Nov 2017 19:35:51 GMT server AmazonS3 age 76095 etag "252a06ec6fe8c527d726ae5d5c8aebd0" x-cache Hit from cloudfront x-amz-version-id 6NWDAWNglvkXh_HWTBKYXbmERLnbS8JN x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 4145 x-amz-cf-id Uih8zTPZPQJFRwesPx2xqHVk6-8pAMCxrg3-FfoY-fZ1HVyQMM7EMA==
GET H2	200	3344697.jpg d16vsmxl4d5tw1.cloudfront.net/6d6/7fbcf/98b4/4dd5/ba04/8509d9c9c0ed/thumb/	3 KB 3 KB	40ms 22ms	Image image/jpeg	2600:9000:2190:ca00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/6d6/7fbcf/98b4/4dd5/ba04/8509d9c9c0ed/thumb/3344697.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash eb68431f7dcdc4e63f324a13eac5ef38be04218d9f851a019a6c9cc276105f08 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id SQBD.4Y5Hjz8Uy_XrB3Z_3T6PE1ptRJp via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) last-modified Wed, 30 Aug 2017 20:58:44 GMT server AmazonS3 age 56325 etag "493464ac9570dc2814ea9f44ec33d46d" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Wed, 25 Aug 2021 00:48:53 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 2658 x-amz-cf-id _mAjR5QIwlaa43c4nErZ4meQfPtgEBO7aQfzQLLoBG6MCdBtlknmsQ==
GET H2	200	175341.jpg dbq8hrmshvuto.cloudfront.net/0f9/44bf2/2c48/4176/a9a4/056601556e87/thumb/	3 KB 3 KB	54ms 36ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/0f9/44bf2/2c48/4176/a9a4/056601556e87/thumb/175341.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1c94021cfbb1ea81f28a49cbb9db96fd934ea5b59a5f3196fa6efcddc9c33e52 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id ZC7I_YIy2bIJT8mZHVyG_2PS6hpqEeqR via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Sat, 12 Sep 2020 21:21:19 GMT server AmazonS3 age 8614 etag "d2ec650086816e341e8774e3c95cd252" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Wed, 25 Aug 2021 14:04:04 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 2732 x-amz-cf-id WubhUmu25kXnqTGLoL1S589xkHzOMMg2ORD4BgKyu6ZR4z5nstO60g==
GET H2	200	297271_547476491943136_60799131_n.jpg dbq8hrmshvuto.cloudfront.net/assets/081/294/511/normal/	29 KB 29 KB	61ms 43ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets/081/294/511/normal/297271_547476491943136_60799131_n.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5fdfcacab08c06001948e5225d891b37a9deb60ebfd7627e43b78d91fa1883d6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 20:40:36 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Mon, 24 Dec 2012 00:08:32 GMT server AmazonS3 age 71222 etag "2b279bf7eed8eb478572f3c664c75213" x-cache Hit from cloudfront x-amz-version-id null x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 29238 x-amz-cf-id xXeeDT3wa8xVR5_KbvYq9zIDGpGNXspipDuZrxTtcx7tBPFGdy0y3g== expires Fri, 23 Dec 2022 16:11:57 GMT
GET H2	200	71041.jpg d16vsmxl4d5tw1.cloudfront.net/1e0/024fb/3f8b/41d6/b0fc/549eb57d9d71/thumb/	2 KB 2 KB	466ms 448ms	Image image/jpeg	2600:9000:2190:ca00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/1e0/024fb/3f8b/41d6/b0fc/549eb57d9d71/thumb/71041.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d696981545b0c5b4d4fdb8c7b69bab05a3673a58365e00dd2f9653a1b536c5d9 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:38 GMT via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) last-modified Wed, 26 Feb 2020 23:39:54 GMT server AmazonS3 x-amz-cf-pop ZRH50-C1 etag "a7fb57311aa0949182e802b8c0148777" x-cache Miss from cloudfront x-amz-version-id ynmS_YHjoDERXpqt8vQJa460dq1sEjMD x-amz-storage-class REDUCED_REDUNDANCY accept-ranges bytes content-type image/jpeg content-length 1955 x-amz-cf-id 7KGLm6HPvhhhiMlLRLZ5b2xmrhIWgcXvpcKPVAQt9gtrTp2PdkYfJQ==
GET H2	200	162615.jpg dbq8hrmshvuto.cloudfront.net/94f/9442a/a3a1/4ddf/b0ea/b1d9bf924f3b/thumb/	3 KB 4 KB	55ms 38ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/94f/9442a/a3a1/4ddf/b0ea/b1d9bf924f3b/thumb/162615.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fab5af095a6ba6230dddf3db7c51b615744f768ed7d015e638af11cebb956d74 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id ZH7QS1uDZXG4TUdKANCtHDAf0pftZ_OX via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Sun, 17 Jan 2021 21:15:49 GMT server AmazonS3 age 34395 etag "9f5544c7c6d13e31c68df1f503c2b707" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Wed, 25 Aug 2021 06:54:23 GMT x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 3365 x-amz-cf-id KaHLKDms_TecS90sVQ4_8pJI_jWB9Y4AYpzdYBUl6R99dAq4jGKMWg==
GET H2	200	avatar.jpg dbq8hrmshvuto.cloudfront.net/assets2/066/534/083/840/normal/	56 KB 57 KB	53ms 36ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/066/534/083/840/normal/avatar.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 914990860f95aa262ffb522b5401a4d705f6163ee4aa9cf1e6c238dd0c6eebfb Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 16 Aug 2021 12:14:58 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Sun, 07 Dec 2014 08:27:25 GMT server AmazonS3 age 792760 etag "60baace5e78556baaab0715c1128efa5" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 57389 x-amz-cf-id cue9m2l6IQgRa2tiNBS54fSTm5s9EHueeTxCnGEpc7kk18kT5rd1qw== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	853033.jpg d16vsmxl4d5tw1.cloudfront.net/893/3d631/185c/4383/a18a/793a3a4cb28e/thumb/	2 KB 2 KB	41ms 22ms	Image image/jpeg	2600:9000:2190:ca00:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/893/3d631/185c/4383/a18a/793a3a4cb28e/thumb/853033.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ca00:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 89bec4bf2ca2db2ede467a42ce44cb0d2c55c0496664f5cb8c3612cd5424098b Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 11:13:57 GMT via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) last-modified Tue, 24 Apr 2018 20:21:10 GMT server AmazonS3 age 18821 etag "fb76a0cd8a59e5582e521fe61c818e27" x-cache Hit from cloudfront x-amz-version-id fCcTpoHx9RYMJ4C0IubKtNIWeB6qK0gT x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 1580 x-amz-cf-id eRao1uNC6SNaAUBx9wsoWWpADhcHINz58clYUO0doHrGVfyuxemWgA==
GET H2	200	57008.jpg dbq8hrmshvuto.cloudfront.net/6ae/b97dd/c495/4265/86ef/7e51d69b9f30/thumb/	2 KB 3 KB	60ms 42ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/6ae/b97dd/c495/4265/86ef/7e51d69b9f30/thumb/57008.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 12ef38a28051576bb42b65bcc3d433516aef21819c869ecb2c5303f6443103ce Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 11:43:08 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Wed, 03 Mar 2021 23:09:53 GMT server AmazonS3 age 17070 etag "fddafdad0a404435816b9701a8969637" x-cache Hit from cloudfront x-amz-version-id rT_K_1RTMxrbaGbRbqm8iVuzdsYaJjDe x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 2318 x-amz-cf-id vvgE0D-iUhMnGF3BR1QUXzxLVlD5xyOecNVKBZk2CO2p0b1GtatnJw==
GET H2	200	IMG_20150914_172939.jpg dbq8hrmshvuto.cloudfront.net/assets2/125/330/053/376/normal/	136 KB 136 KB	57ms 39ms	Image image/jpeg	2600:9000:2190:2200:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/125/330/053/376/normal/IMG_20150914_172939.jpg Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:2200:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3f2836269a26f5e0c7bd84fe2d2580075ffd1e365c99987d08e3d194bcfef94f Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 24 Aug 2021 12:21:57 GMT via 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) last-modified Sat, 19 Sep 2015 13:40:26 GMT server AmazonS3 age 101141 etag "348ff03d402b15d1d7cce1616d77d32c" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-type image/jpeg content-length 138822 x-amz-cf-id vQJKk5B3LyNkNDObG3Wdbxpofk_wTUFeaSYXIH8f_bagVc9be5iVcA== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	17 KB 18 KB	32ms 14ms	Font application/font-woff2	2600:9000:21f3:5200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:5200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Apr 2021 07:03:25 GMT via 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 10229052 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 17880 last-modified Thu, 29 Apr 2021 05:41:49 GMT server Ask.FM Web Service etag "608a471d-45d8" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id m_Z0YtEmc0DN-lSOI5a1RJU6W0fLNnW04O5hXltZoybObdZjs5L9ZA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	25 KB 25 KB	26ms 8ms	Font application/font-woff2	2600:9000:21f3:5200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:5200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:14:43 GMT via 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 15657174 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 25400 last-modified Wed, 06 Sep 2017 12:36:34 GMT server Ask.FM Web Service etag "59afebd2-6338" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id wNmvGsCCBK2INTln-RYVe8yk0AWUxgc2v5XB5W0S1szUHSuxpYCNcw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	51 KB 52 KB	33ms 16ms	Font application/font-woff2	2600:9000:21f3:5200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:5200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 17 Apr 2021 07:55:47 GMT via 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 11262710 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 52204 last-modified Wed, 02 Aug 2017 08:00:22 GMT server Ask.FM Web Service etag "59818696-cbec" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id 0JjAMugykJp746WTtUOE2V3XIVxYCw6KT_RpsJjCmfOzvtxY_rysJQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9376.9q5Pg6jwbeI8RVco3BSS1iP06pk4uMy0B4X0SAU4z-HV0uKva5AaNk5_BafQa6z6.jd0mwkjpVuGI7ILfduDW0B2wKH0%2C https://mc.yandex.com/sync_cookie_image_decide?token=9376.eeaiJnvDcbTk_1hryR-oLD01z6NE0_gEMZpyCGfWFTyA71wkahY7P2WyuB5Eyp-m6FIvmeyC4Okncdq_roF9Tg%2C%2C.3lLCEtJgBVtMtyiXqu533HJqueM%2C	57 B 57 B	55ms 54ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9376.eeaiJnvDcbTk_1hryR-oLD01z6NE0_gEMZpyCGfWFTyA71wkahY7P2WyuB5Eyp-m6FIvmeyC4Okncdq_roF9Tg%2C%2C.3lLCEtJgBVtMtyiXqu533HJqueM%2C Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 0b5d25d725de817533ea2383733d50bf153071af3405b993cba4f71ff7741017 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:37 GMT strict-transport-security max-age=31536000 content-length 57 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9376.eeaiJnvDcbTk_1hryR-oLD01z6NE0_gEMZpyCGfWFTyA71wkahY7P2WyuB5Eyp-m6FIvmeyC4Okncdq_roF9Tg%2C%2C.3lLCEtJgBVtMtyiXqu533HJqueM%2C date Wed, 25 Aug 2021 16:27:37 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 112 B	44ms 44ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:37 GMT last-modified Tue, 24 Aug 2021 11:44:41 GMT etag "6123bebf-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Wed, 25 Aug 2021 17:27:37 GMT
GET H2	200	1 Show response mc.yandex.com/watch/48953915/ Redirect Chain https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcoffeeblood297&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%... https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcoffeeblood297&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-...	383 B 465 B	47ms 47ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcoffeeblood297&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A841637214670%3Ahid%3A849448831%3Az%3A120%3Ai%3A20210825182737%3Aet%3A1629908857%3Ac%3A1%3Arn%3A285714950%3Au%3A1629908857121442250%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629908856412%3Ads%3A1%2C335%2C166%2C1%2C1%2C0%2C%2C89%2C12%2C%2C%2C%2C596%3Adsn%3A1%2C336%2C165%2C2%2C0%2C0%2C%2C90%2C12%2C%2C%2C%2C595%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629908857%3At%3AAccount%20Suspended%20-%20Ask.fm Requested by Host: ask.fm URL: https://ask.fm/coffeeblood297 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash a46acd2a60b78a9cf75d59fd4bbfdc9b518cd556553cda357443cbf161fe99ea Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:37 GMT x-content-type-options nosniff last-modified Wed, 25-Aug-2021 16:27:37 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 383 x-xss-protection 1; mode=block expires Wed, 25-Aug-2021 16:27:37 GMT Redirect headers pragma no-cache date Wed, 25 Aug 2021 16:27:37 GMT last-modified Wed, 25-Aug-2021 16:27:37 GMT location /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fcoffeeblood297&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A841637214670%3Ahid%3A849448831%3Az%3A120%3Ai%3A20210825182737%3Aet%3A1629908857%3Ac%3A1%3Arn%3A285714950%3Au%3A1629908857121442250%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629908856412%3Ads%3A1%2C335%2C166%2C1%2C1%2C0%2C%2C89%2C12%2C%2C%2C%2C596%3Adsn%3A1%2C336%2C165%2C2%2C0%2C0%2C%2C90%2C12%2C%2C%2C%2C595%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629908857%3At%3AAccount%20Suspended%20-%20Ask.fm strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Wed, 25-Aug-2021 16:27:37 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	21ms 3ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 71eae34b5f21e314cf948a93768f979a091e61a345493e42597afb45eac1a483 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 FmDzRH/fN9x7m1tnoi2rig== cross-origin-resource-policy cross-origin expires Wed, 25 Aug 2021 16:35:58 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1686 x-fb-rlafr 0 x-fb-debug rkL+3IQcSsf93Rj6rALlvAbuh8C3CsZmfo4ncCOsuZ+pZgAucsywMfgfUumMg9KYLM0CV1Dnoaf+vSICKDXqiw== x-fb-trip-id 686109401 x-fb-content-md5 8863ae33baf7cedd8f75cbe2804a6aa8 cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Wed, 25 Aug 2021 16:27:37 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "02e02a4af79ba72ecb71a981990da057" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H2	200	gtm.js Show response www.googletagmanager.com/	90 KB 36 KB	45ms 19ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c4d5b31a75de9f396219d619de92add5e1a27bef1db0f3e30cfb3045556a7c28 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:37 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36591 x-xss-protection 0 last-modified Wed, 25 Aug 2021 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 25 Aug 2021 16:27:37 GMT
GET H2	200	3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response cmp.optad360.io/items/	2 B 361 B	79ms 23ms	Script application/javascript	2600:9000:2190:ac00:6:b871:4f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:ac00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 15:47:09 GMT via 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront) last-modified Wed, 28 Apr 2021 09:49:58 GMT server AmazonS3 age 2429 etag "99914b932bd37a50b983c5e7c90ae93b" x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 2 x-amz-cf-id FOtoi-9hPCsYJb9LcBoUl2ln5CaSEDo6b7EESOQ5wmNDU_VDRx-r9A==
GET H2	200	plugin.min.js Show response get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/	275 KB 72 KB	61ms 15ms	Script application/javascript	2600:9000:2190:e600:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:e600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f241f634c67fb384bc28e2ad5bd96f4879ff34bc1e8865bb6f2393125c5ef70f Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:13:58 GMT content-encoding gzip last-modified Wed, 25 Aug 2021 16:12:10 GMT server AmazonS3 age 820 etag W/"f218ca27c0278f5ff55a841b20817a44" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) cache-control public, max-age=3600 x-amz-cf-pop ZRH50-C1 x-amz-cf-id z3exjLb03agQx-fnM0IQmNfUghkp9zGtF7s_FUq2l1G0fm0Zzg6Msg==
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	230 KB 67 KB	16ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=59d61c1f69b162af57ee2f6fb8d605e8 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 94825f28b1718430b9180eff43ca0dc0364bf04a89ef14e62b7001ee7c0779c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 1uCQlwyrRiC0EYHJ8GoVlA== cross-origin-resource-policy cross-origin expires Thu, 25 Aug 2022 14:30:33 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 68319 x-fb-rlafr 0 x-fb-debug rf3mYwLs65U5A9hdVL1JLY6NWMFahqo4mtk3mVg7fQdbsUYCLdUoyTFXGNJtwuKhFw8mECVfFny+7179j59yHA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 373aeaf6bc094dd4a796f55de67dbbf4 cross-origin-opener-policy same-origin-allow-popups date Wed, 25 Aug 2021 16:27:37 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "c96fe1d50625abe3c7c527ab747b16c9" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	20ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fcoffeeblood297&rl=&if=false&ts=1629908857635&sw=1600&sh=1200&at= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:37 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Wed, 25 Aug 2021 16:27:37 GMT
GET H2	200	prebid4.39.0.js Show response get.optad360.io/sf/	492 KB 153 KB	12ms 12ms	Script application/javascript	2600:9000:2190:e600:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/prebid4.39.0.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:e600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 19 Jul 2021 10:24:31 GMT content-encoding gzip last-modified Thu, 13 May 2021 10:44:35 GMT server AmazonS3 age 3218587 etag W/"e020700f5effdce1f4be56434553da72" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront) cache-control public, max-age=360000000 x-amz-cf-pop ZRH50-C1 x-amz-cf-id 6mcT85Lcy9sSYIjPQPDfg88VxWV7U9oLEBoIEgts6dc83UAXdt3Asw==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	18ms 6ms	XHR application/json	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210825 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2379f0dd51e35a8a91d784fe3f7c1080c2784eac7f1670c973f3bd6a954e26df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 4439 x-jsd-version 1.0.1080 x-cache HIT cross-origin-resource-policy cross-origin content-length 933 etag W/"699-OT0BY8q6A84vpn57VEFpZvh1DDU" x-served-by cache-fra19142-FRA x-jsd-version-type version date Wed, 25 Aug 2021 16:27:38 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 73 B	91ms 91ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=849448831&page-url=https%3A%2F%2Fask.fm%2Fcoffeeblood297&rn=205285237&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629908860%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210825182740%3Au%3A1629908857121442250%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629908860 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:40 GMT last-modified Wed, 25-Aug-2021 16:27:40 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 25-Aug-2021 16:27:40 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	89ms 89ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=849448831&page-url=https%3A%2F%2Fask.fm%2Fcoffeeblood297&rn=866830709&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1629908860%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210825182740%3Au%3A1629908857121442250%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629908860 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:40 GMT last-modified Wed, 25-Aug-2021 16:27:40 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 25-Aug-2021 16:27:40 GMT
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	36ms 12ms	Preflight application/json	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 Protocol H2 Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1184 date Wed, 25 Aug 2021 16:27:39 GMT content-encoding gzip vary Accept-Encoding
GET H2	200	optad360.js Show response serving.stat-rock.com/player/	304 KB 95 KB	136ms 42ms	Script application/javascript	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://serving.stat-rock.com/player/optad360.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:40 GMT content-encoding gzip last-modified Fri, 18 Jun 2021 08:28:33 GMT server nginx etag W/"60cc5931-4beb9" vary Accept-Encoding content-type application/javascript cache-control public, max-age=600
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 https://mug.criteo.com/sid?cpp=nJD93HxXeGlOSWV5eU1kbFB5cTJhbm1LYk9IbWhuNkp5eVJjNHlVOW9HN2NiS2hRVzdhcFBDS0IzS2FSWEJ4MUdJMEtYZWpQOUQ2SGRSdzNZNXdBVG5pTmd4OW1qSFJuN3ZZTnN0UHQ2b3VpZXU5c2xoL3dhNXlrUldqTl...	318 B 586 B	86ms 30ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=nJD93HxXeGlOSWV5eU1kbFB5cTJhbm1LYk9IbWhuNkp5eVJjNHlVOW9HN2NiS2hRVzdhcFBDS0IzS2FSWEJ4MUdJMEtYZWpQOUQ2SGRSdzNZNXdBVG5pTmd4OW1qSFJuN3ZZTnN0UHQ2b3VpZXU5c2xoL3dhNXlrUldqTlVaZDltc1BaaWIvcjgydUlkM2c0NERTMCtuVDQrbzJiQTNHVzVSMk14U1dkdWljS3dWUlpIQ1BmNDYrV3ZhNmw5MEJxL292dzNFb2RnQTd4OFIwMUEwUmZsR3BSU1R3PT18&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 026ad3da972f9e46f674f9caac69262606ff0cfecfd9b34ce8a9146a73b621e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Wed, 25 Aug 2021 16:27:40 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2222 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Wed, 25 Aug 2021 16:27:40 GMT location https://mug.criteo.com/sid?cpp=nJD93HxXeGlOSWV5eU1kbFB5cTJhbm1LYk9IbWhuNkp5eVJjNHlVOW9HN2NiS2hRVzdhcFBDS0IzS2FSWEJ4MUdJMEtYZWpQOUQ2SGRSdzNZNXdBVG5pTmd4OW1qSFJuN3ZZTnN0UHQ2b3VpZXU5c2xoL3dhNXlrUldqTlVaZDltc1BaaWIvcjgydUlkM2c0NERTMCtuVDQrbzJiQTNHVzVSMk14U1dkdWljS3dWUlpIQ1BmNDYrV3ZhNmw5MEJxL292dzNFb2RnQTd4OFIwMUEwUmZsR3BSU1R3PT18&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1771 content-length 455 expires 0
GET H2	200	cygnus Show response htlb.casalemedia.com/	24 B 365 B	80ms 36ms	XHR application/json	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219d4bc7ffcc4c8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fcoffeeblood297%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222eb1e74c5f6fa1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222eb1e74c5f6fa1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222eb1e74c5f6fa1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash dc25e1482aeedd87a2c6cdc0924497ae591ffb4eb08554870cac63dbd200bf7f Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:40 GMT content-encoding gzip x-ak-initial-geo CC:[CZ], RC:[], CN:[EU], CIP:[185.180.15.211], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://ask.fm x-cs-client-geo 09 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 44 x-ak-client-geo 09 expires Wed, 25 Aug 2021 16:27:40 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 362 B	82ms 27ms	XHR application/json	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	259 B 1 KB	126ms 63ms	XHR application/json	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 7baef48c6b5beb539d4d0f3d69086631766f23ab4a25750d759f2ec3c1d4fe36 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:40 GMT X-Proxy-Origin 185.180.15.211; 185.180.15.211; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 4b14a2b2-55ce-4fab-af23-fb033312b353 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 259 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	256 B 1 KB	119ms 60ms	XHR application/json	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 7767925d02bbc996e4ac030f2cdc4c43fd7f6066c8c975657cd97174fe46ed58 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:40 GMT X-Proxy-Origin 185.180.15.211; 185.180.15.211; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 1d884b77-f3b9-4ac5-aabe-7cd1c2f03dac Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 256 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response adx.adform.net/adx/	10 B 449 B	169ms 100ms	XHR application/json	37.157.6.241 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPTgxYWNmMDdlLTdmYjQtNDMyNC05NGZhLWJmYjYyMjU4MjgxOSZyY3VyPVBMTg%3D%3D&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPTBjNmE0MjY2LWYzY2QtNDU1NC04OTM2LTg0MzE0M2VjOTE5YSZyY3VyPVBMTg%3D%3D&pt=gross&stid=7aa9275e-e44b-4622-bf6d-8cf923f76ba4&gdpr=0&gdpr_consent=undefined&fd=1 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.241 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:40 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type application/json; charset=utf-8 access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With content-length 10 expires -1
POST H2	200	c Show response prebid.a-mo.net/a/	861 B 778 B	347ms 127ms	XHR application/json	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash a6c21cbf435eced4f2c989982dd39dfee122b90bb13636c5bb4e05a51dfa0df0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Wed, 25 Aug 2021 16:27:40 GMT content-encoding gzip server envoy vary origin, accept-encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 18 content-length 354
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	954 B 2 KB	148ms 78ms	XHR application/json	185.86.139.96 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash 4fe14c10690106104501b2716560ba2e22565e248a0815fd48937d3f3349ee61 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:40 GMT content-encoding br vary Accept-Encoding x-smrt-d 6%3b25%3b85 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin https://ask.fm cache-control no-cache,no-store access-control-allow-credentials true content-type application/json; charset=UTF-8 transfer-encoding chunked
POST		v2 i.connectad.io/api/	0 0
POST H2	204	apacdex Show response useast.quantumdex.io/auction/	0 625 B	219ms 196ms	XHR text/plain	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://useast.quantumdex.io/auction/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Wed, 25 Aug 2021 16:27:41 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods POST, GET access-control-allow-origin https://ask.fm report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HN0spzY9b1HxY5XWdWIBzFqcXL%2BfP3bMN%2BA%2Fh%2B%2Fdw45dik3RV5QQrO3M18qR9VJRqnuRGRAnCx6puWw1G2%2BvftbKRV2QSPztnqgdtp68fP9pCMn0LzgttjXWjZhHdJyd2vzAOHjSh%2FKuDREhDBiB0Tp3"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6846306c7f875b74-FRA
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	87ms 29ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=nJD93HxXeGlOSWV5eU1kbFB5cTJhbm1LYk9IbWhuNkp5eVJjNHlVOW9HN2NiS2hRVzdhcFBDS0IzS2FSWEJ4MUdJMEtYZWpQOUQ2SGRSdzNZNXdBVG5pTmd4OW1qSFJuN3ZZTnN0UHQ2b3VpZXU5c2xoL3dhNXlrUldqTlVaZDltc1BaaWIvcjgydUlkM2c0NERTMCtuVDQrbzJiQTNHVzVSMk14U1dkdWljS3dWUlpIQ1BmNDYrV3ZhNmw5MEJxL292dzNFb2RnQTd4OFIwMUEwUmZsR3BSU1R3PT18&cppv=2 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1034 date Wed, 25 Aug 2021 16:27:40 GMT content-encoding gzip vary Accept-Encoding
GET DATA	200 OK	truncated /	630 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	410 Gone	Cookie set coffeeblood297 Show response ask.fm/	11 KB 13 KB	162ms 162ms	XHR text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/coffeeblood297 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 05aeb90827844a14632bb55f351e35a1031002c16b87c61ebd544cbd4b80b781 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/coffeeblood297 Cookie _pbjs_userid_consent_data=6683316680106290; cto_bidid=-nLL4V92MUpMNHhnU1c3TEhsOVNubjlTZ01lWWVYcUhSVENpRU9jbndsZ1RleVVxVXBMdWFSWWNnRld5MmklMkJWUENIRm9sbW1BbjBrb0hoSWZGQm5jeGRFVEdBJTNEJTNE; cto_bundle=8ATZo19ldHp6Q0JjZ0U2USUyQlhJJTJGTWZWZ1U3bkRxempKeHpIZVhxcm10UnNPVW03N2hpMmtUUWU2alFFaGVEcXN3NGtBOGt6dWhLZHFJelFzdkpyc3JBJTJCUEVBcUZ5c24yaGpreWJONVEzaVlEOXR5cyUzRA Connection keep-alive Referer https://ask.fm/coffeeblood297 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 25 Aug 2021 16:27:41 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Content-Type text/html; charset=utf-8 Status 410 Gone Cache-Control no-cache Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Thu, 25 Aug 2022 22:27:41 -0000 uuid=4afc6621-9586-402b-bcc7-19ecf1119e22; path=/; expires=Thu, 25 Aug 2022 22:27:41 -0000; secure; HttpOnly country=CZ; path=/; expires=Thu, 25 Aug 2022 22:27:41 -0000 _m_ask_fm_session=VWZlNi9HTVlaUXMzdDV3c1ptZjk1ZEZDbHg3ajdmcHNLa1ZJdzBiaUZ1YzQ5Mzl5OUxyczk3STRqQjFCZzVOb3FTMzUwQVN1K2Z3WGRobTQ1WWZQVktJWHFodWdlcHZrTnk0OGF2ajFES0tVVDdaRWdMSXV5Z0VIeTZOTURTTWZvajFMUk1zdUJLd1J5SVB2SzAzeEVKR3k1eUt2UWhkMDFwUDdvTlczTXlickYvOWNNN2cwazdLajVETk95TXN3TFJXcEtkTzFCNCtHVTJqUG5vWitucTh2cFUvS0l3NDhFUkR5K3FheHFiUlBwQjF4OXgydGRVeUNVOE43SWlQbC0tYXpLUlkxTGJxcWdaU3k3NzRQVUhTQT09--153bedef7098e63d5513af3d54ad22f877d3553c; path=/; expires=Sat, 28 Aug 2021 16:27:41 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 163 B	86ms 29ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629908861455.1619&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcoffeeblood297&t=479&v=91&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.9979856124905828 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Wed, 25 Aug 2021 16:27:41 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	86ms 29ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629908861455.1619&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcoffeeblood297&t=486&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.15188819056709302 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Wed, 25 Aug 2021 16:27:41 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H/1.1	410 Gone	Cookie set coffeeblood297 Show response ask.fm/	11 KB 12 KB	191ms 191ms	XHR text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/coffeeblood297 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 5c2630a90192b23dcfde89cd493b549e807b79d861f59277f208dd51f17128ac Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/coffeeblood297 Cookie _pbjs_userid_consent_data=6683316680106290; cto_bidid=-nLL4V92MUpMNHhnU1c3TEhsOVNubjlTZ01lWWVYcUhSVENpRU9jbndsZ1RleVVxVXBMdWFSWWNnRld5MmklMkJWUENIRm9sbW1BbjBrb0hoSWZGQm5jeGRFVEdBJTNEJTNE; cto_bundle=8ATZo19ldHp6Q0JjZ0U2USUyQlhJJTJGTWZWZ1U3bkRxempKeHpIZVhxcm10UnNPVW03N2hpMmtUUWU2alFFaGVEcXN3NGtBOGt6dWhLZHFJelFzdkpyc3JBJTJCUEVBcUZ5c24yaGpreWJONVEzaVlEOXR5cyUzRA; locale=en; uuid=4afc6621-9586-402b-bcc7-19ecf1119e22; country=CZ; _m_ask_fm_session=VWZlNi9HTVlaUXMzdDV3c1ptZjk1ZEZDbHg3ajdmcHNLa1ZJdzBiaUZ1YzQ5Mzl5OUxyczk3STRqQjFCZzVOb3FTMzUwQVN1K2Z3WGRobTQ1WWZQVktJWHFodWdlcHZrTnk0OGF2ajFES0tVVDdaRWdMSXV5Z0VIeTZOTURTTWZvajFMUk1zdUJLd1J5SVB2SzAzeEVKR3k1eUt2UWhkMDFwUDdvTlczTXlickYvOWNNN2cwazdLajVETk95TXN3TFJXcEtkTzFCNCtHVTJqUG5vWitucTh2cFUvS0l3NDhFUkR5K3FheHFiUlBwQjF4OXgydGRVeUNVOE43SWlQbC0tYXpLUlkxTGJxcWdaU3k3NzRQVUhTQT09--153bedef7098e63d5513af3d54ad22f877d3553c Connection keep-alive Referer https://ask.fm/coffeeblood297 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 25 Aug 2021 16:27:41 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Content-Type text/html; charset=utf-8 Status 410 Gone Cache-Control no-cache Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Thu, 25 Aug 2022 22:27:41 -0000 _m_ask_fm_session=ZkQvTFIyYmp4YnB0ZzVlOTNYLzhla3dwaUlLT1dUbXozTWhRNDRzS2ZUa0pRempTQzBHZnZEanlPeEJEUitXdko5bFlGTHNLeEIwN2o1aWsyS2ZtaEprZGVYN3FOQ1QreXFManA2b3VTUDhVQzBMQjd3VVZHMGtCK1lNSWN3aGNZb05sQzEyeEt4MCtkWm8vbFU0L25ZdWMrR3pvTzBoMGdaSHg0aFE4UlBZS25EOGw2MXpuYnZkQmJHNWxPMEFkRmk0cy94RVAvL3BPWG90V0E3U1JJUkpvaTZkcU9UM0RlVkszUXhIMk1jSHR2cVZFM2JSVjcxQ2RzRlZ4VGxSai0tMCtWVWZUTmcyYWVwQkE5Y0Y3WWtWZz09--c2ffa1820ab96e8e038d122b0b6970e45c4b7ff2; path=/; expires=Sat, 28 Aug 2021 16:27:41 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	34ms 33ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1629908861455.1619&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcoffeeblood297&t=652&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.025551545547327636 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Wed, 25 Aug 2021 16:27:41 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	28ms 27ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629908861455.1619&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcoffeeblood297&t=861&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.8342359419152241 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Wed, 25 Aug 2021 16:27:41 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	28ms 27ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1629908861455.1619&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fcoffeeblood297&t=861&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.23382042756061017 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Wed, 25 Aug 2021 16:27:41 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	176ms 89ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=849448831&page-url=https%3A%2F%2Fask.fm%2Fcoffeeblood297&rn=435372229&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629908862%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210825182742%3Au%3A1629908857121442250%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629908862 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:42 GMT last-modified Wed, 25-Aug-2021 16:27:42 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 25-Aug-2021 16:27:42 GMT
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 8DA0	2 KB 823 B	29ms 26ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1629908860924 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1629908860924 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H2	403	connectmyusers.php cdn.connectad.io/ Frame 969F	0 0	13ms 11ms	Document text/html	2606:4700:10::6816:37ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.connectad.io/connectmyusers.php? Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :method GET :authority cdn.connectad.io :scheme https :path /connectmyusers.php? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers date Wed, 25 Aug 2021 16:27:44 GMT content-type text/html; charset=UTF-8 x-frame-options SAMEORIGIN cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Thu, 01 Jan 1970 00:00:01 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 684630814fcf4401-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	apacdex Show response sync.quantumdex.io/usersync/ Frame E35A	3 KB 1 KB	141ms 132ms	Document text/html	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/usersync/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 350ca5af5ef22f815da561b1cdb4abe66d8bbcd8f65fcc95a53551c515cc2e70 Request headers :method GET :authority sync.quantumdex.io :scheme https :path /usersync/apacdex pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers date Wed, 25 Aug 2021 16:27:44 GMT content-type text/html set-cookie uid=804896fa-9742-4e5f-8f3b-8424f8290d82; expires=Tue, 14 Sep 2021 16:27:44 GMT; domain=quantumdex.io; path=/; secure; SameSite=None cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2Bxl39ltUoe13bXHODhSrvGpc7wCjTzLv5Zwyku%2BaUl8Pc8POVE4%2FfpQyhBbnXO2NXCFyxX%2BIhqeQgH0noUVywVsfw9t3164JoqVItMBSxAGMwYONshqZuZTd4XroA1kvcYg1honErvhRlBKJvEKyw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 684630815fa95b74-FRA content-encoding br
GET H/1.1	200 OK	ixmatch.html Show response js-sec.indexww.com/um/ Frame DCCD	2 KB 1 KB	72ms 25ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c Request headers Host js-sec.indexww.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Server Apache Last-Modified Thu, 11 Feb 2021 16:12:45 GMT ETag "e20015-90b-5bb11ca420f07" Accept-Ranges bytes P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Content-Encoding gzip Content-Length 1151 Date Wed, 25 Aug 2021 16:27:44 GMT Connection keep-alive
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame CE7D	52 KB 17 KB	83ms 27ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.13.10 Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Fri, 30 Jul 2021 04:43:13 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Wed, 25 Aug 2021 16:27:44 GMT Age 42142 X-Served-By cache-lga21936-LGA, cache-fra19126-FRA X-Cache HIT, HIT X-Cache-Hits 1, 322469 X-Timer S1629908864.288106,VS0,VE0 Vary Accept-Encoding
GET		sync pixel.advertising.com/ups/58474/ Redirect Chain https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=d2bba3aa-8054-463e-894a-8d80535ad732 https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=d2bba3aa-8054-463e-894a-8d80535ad732&verify=true	0 0
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=pubmatic&uid=1A6E6019-11EF-420D-BC6D-39F5E4AAA628	0 123 B	130ms 129ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=pubmatic&uid=1A6E6019-11EF-420D-BC6D-39F5E4AAA628 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:43 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 6 server envoy vary Accept-Encoding Redirect headers location https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=pubmatic&uid=1A6E6019-11EF-420D-BC6D-39F5E4AAA628 date Wed, 25 Aug 2021 16:27:44 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dindex_rtb%26uid%3D https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=index_rtb&uid=YSZvgL2ARPHYv6ld-jxJGAAA%261175	0 119 B	121ms 120ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=index_rtb&uid=YSZvgL2ARPHYv6ld-jxJGAAA%261175 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:43 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 4 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=index_rtb&uid=YSZvgL2ARPHYv6ld-jxJGAAA%261175 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 321 Expires Wed, 25 Aug 2021 16:27:44 GMT
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dd2bba3aa-8054-463e-894a-8d80535ad732%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=appnexus&uid=3036622963926583299	0 154 B	118ms 117ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=appnexus&uid=3036622963926583299 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:43 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 2 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT X-Proxy-Origin 185.180.15.211; 185.180.15.211; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid f9249244-80f3-4273-afa9-2d030ac95dab Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=appnexus&uid=3036622963926583299 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dd2bba3aa-8054-463e-894a-8d80535ad732%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=sovrn&uid=deea1eef1ede436936666d9f	0 139 B	131ms 130ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=sovrn&uid=deea1eef1ede436936666d9f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 6 server envoy vary Accept-Encoding Redirect headers Date Wed, 25 Aug 2021 16:27:44 GMT Server nginx Location https://prebid.a-mo.net/setuid?A=d2bba3aa-8054-463e-894a-8d80535ad732&D=&bidder=sovrn&uid=deea1eef1ede436936666d9f Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	204	/ onetag-sys.com/usync/	0 52 B	28ms 27ms	Image text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/usync/?tag=img Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame C837	2 KB 3 KB	75ms 32ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 985340fc705f304837eeecacb2d1a8fd20fbb4d970d1bb5ee821ce2683e224e6 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://js-sec.indexww.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YSZvgL2ARPHYv6ld-jxJGAAA; CMPS=1148 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js-sec.indexww.com/ Response headers Server Apache Content-Type text/html Dropped-Udsids 39|230|45|241|123|195|111|13 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1768 Expires Wed, 25 Aug 2021 16:27:44 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Connection keep-alive Set-Cookie CMID=YSZvgL2ARPHYv6ld-jxJGAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 25 Aug 2022 16:27:44 GMT CMPS=1148;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Nov 2021 16:27:44 GMT CMPRO=1175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Nov 2021 16:27:44 GMT CMRUM3=e661266f802760&c361266f8005a00&f161266f8005a0&7b61266f8005a00&0d61266f8005a0&2761266f800b40&2d61266f8005a0&6f61266f8005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 25 Aug 2022 16:27:44 GMT CMST=YSZvgGEmb4AA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 Aug 2021 16:27:44 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	44ms 43ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=849448831&page-url=https%3A%2F%2Fask.fm%2Fcoffeeblood297&rn=277792687&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629908864%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210825182744%3Au%3A1629908857121442250%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629908864 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:44 GMT last-modified Wed, 25-Aug-2021 16:27:44 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 25-Aug-2021 16:27:44 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame CE7D	0 733 B	31ms 30ms	Script text/html	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT X-Proxy-Origin 185.180.15.211; 185.180.15.211; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 4599f412-fe38-4ba9-af1d-4c67bc06b137 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200	1.gif id5-sync.com/c/495/0/0/ Frame E35A Redirect Chain https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=	43 B 1 KB	33ms 33ms	Image image/gif	51.89.21.21 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent= Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS p13.id5-sync.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 25 Aug 2021 16:27:43 GMT Transfer-Encoding chunked Content-Type image/gif;charset=UTF-8 Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR" Redirect headers Location https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent= Date Wed, 25 Aug 2021 16:27:43 GMT Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR"
GET H2	200	setuid sync.quantumdex.io/ Frame E35A Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3036622963926583299	43 B 333 B	123ms 123ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3036622963926583299 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1efWuALO8CQYx65DNhuZJeaCZn8rbh1y5gw%2BwLBcfYKYSbDYLD4qHyRonOfEha5Js6C54lRTxiSvdfxW9OQ4tvIOVNm4Jwlv2Xi32dfxfWXdjFoBzRulKny4DVXa8RwbvduTTDc6ivscbF9J5Ztbg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6846308269805b74-FRA content-length 43 Redirect headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT X-Proxy-Origin 185.180.15.211; 185.180.15.211; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 778c925e-5822-4a1c-b96c-6ff156d5b425 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3036622963926583299 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame E35A Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3036622963926583299	43 B 330 B	128ms 127ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3036622963926583299 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKvWnW6X%2B3lwuib4ObvTlZdttVt7%2FVfXl6fdYnEDvC4k9V1xWXgdJ4c%2BOCvkHhBRl%2BwmcBOHilqW64AZZa%2BVvhl5MrxYEMH75%2FaYGLfUuQ57s48b8ePDKRdinR7hvVF1Gcswmz3djnDK%2BFec7seBjg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6846308289cb5b74-FRA content-length 43 Redirect headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT X-Proxy-Origin 185.180.15.211; 185.180.15.211; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 1239c6ca-6168-44f0-a6b5-f94edf12a9c6 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3036622963926583299 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame E35A Redirect Chain https://ms.quantumdex.io/user/sync/quantumdex https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6ab46a2c-c71f-4589-8d8c-22e1a7765045	43 B 323 B	129ms 129ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6ab46a2c-c71f-4589-8d8c-22e1a7765045 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f77fLMB2HwWYcUmb1vfFPCLuVpokwhDT3HoQGkaHiKrVa1oR7Zw8cexjitpSsPtVju5cbp%2Bxp8685pZLt1sZ1VHxrCd0QTYDZ13ICkzNBPZX5lsGzwv9BlWlm5yDqk44YyL7mgZguE%2FUrBpZgiPdeQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68463082ea645b74-FRA content-length 43 Redirect headers date Wed, 25 Aug 2021 16:27:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TjmuFz1hXjAXdhFy3yX2n7BkiRg0tr2MK4BN4g2KLFY3o9GjLJflhCGMSuCAqmJmImOrhVF1yWmrqNd1Tl8a6Z1Eeq%2BFfM4M3Ed%2FuXQ3fkT0h5ZoPJgXXOwpBKKdgq9u0WqZjb2sYdXegVN53c%3D"}],"group":"cf-nel","max_age":604800} location https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6ab46a2c-c71f-4589-8d8c-22e1a7765045 cf-ray 6846308249545b74-FRA content-length 0
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame E35A	0 474 B	138ms 32ms	Image text/plain	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame E35A Redirect Chain https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP6038e178-05c1-11ec-b3fa-02469749efa6 https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP6038e178-05c1-11ec-b3fa-02469749efa6&verify=true https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP6038e178-05c1-11ec-b3fa-02469749efa6	43 B 353 B	129ms 128ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP6038e178-05c1-11ec-b3fa-02469749efa6 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TbBiIV2jx4jzakH9Csn9xKXxqn%2FuPke%2Bt0iDyA%2ByGEg1GsFji0kutq2pKLas1l3D%2BFQhZGvaxW3SP9RchY%2FYW3D3lM%2FcmhhFSzghWvhF3iS1rR3ErLwSzpC6SrQMkfLkAk09b04gOMHFvrYv6i%2Bxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 684630832af25b74-FRA content-length 43 Redirect headers Date Wed, 25 Aug 2021 16:27:44 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP6038e178-05c1-11ec-b3fa-02469749efa6 Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame E35A Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sovrn&uid=deea1eef1ede436936666d9f	43 B 325 B	134ms 133ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sovrn&uid=deea1eef1ede436936666d9f Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcpmvyXgGU52757oAWFmIi3mVnyYzi9jqmNtFm7CGqUynWmf%2F6oMkeJ0S%2BnF4y1RFrBpGyphnkdmDRuU0EvXGMIHJ7prdooslUUEkk7LpKATUqmOXigQ97frfFvveJx%2BJF1r7dEhi3b4FhE94FXIZw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68463082799c5b74-FRA content-length 43 Redirect headers Date Wed, 25 Aug 2021 16:27:44 GMT Server nginx Location https://sync.quantumdex.io/setuid?bidder=sovrn&uid=deea1eef1ede436936666d9f Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame E35A Redirect Chain https://ups.analytics.yahoo.com/ups/58424/occ https://ups.analytics.yahoo.com/ups/58424/occ?verify=true https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-jKM9NStE2uHmBvZso60KKwKaSVXmMaQ3H2UxKHw-~A	43 B 478 B	125ms 124ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-jKM9NStE2uHmBvZso60KKwKaSVXmMaQ3H2UxKHw-~A Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmI%2BiSAW6EwOgP%2F00TSNdPfS1qOif3FBoC3iOaCAnRpJrZPJMn7T3lcVddELnq5osGkBc1ZWJwVwtfoQhLiI7J8rDSRSUyxo4UK7GwtCM10UI00xUmLF3j9qPuqA1%2Fezn6YzKCIp058YDOxBS7IU%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68463082fa955b74-FRA content-length 43 Redirect headers Date Wed, 25 Aug 2021 16:27:44 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-jKM9NStE2uHmBvZso60KKwKaSVXmMaQ3H2UxKHw-~A Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame E35A Redirect Chain https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=55f7665d-5f18-4df7-9d2f-0fbc2090f95c	43 B 326 B	130ms 129ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=55f7665d-5f18-4df7-9d2f-0fbc2090f95c Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoYUac%2BnWYJIE8vi2jTGjLPVGnK%2BqmIKTTvWTJud%2FD8v06BGs9FnyIUYCkceAPenJwvtlqb25ZCUuKlP44DyVJYmi4Li2GP2qkpY6cdUd67KiYs5pCyND35yQKJGHNnqZjxCgCGy7EjdnacRyjRhyg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68463082da395b74-FRA content-length 43 Redirect headers location https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=55f7665d-5f18-4df7-9d2f-0fbc2090f95c date Wed, 25 Aug 2021 16:27:44 GMT content-length 0
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame 78ED	2 KB 2 KB	73ms 34ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash d1dc6e3b24038ad61400a38a7dcc91055c03f9d10fe4d3d93ad4a1a7595f7254 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YSZvgL2ARPHYv6ld-jxJGAAA; CMPS=1148; CMPRO=1175; CMST=YSZvgGEmb4AA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Server Apache Content-Type text/html Dropped-Udsids 241|45|230|39|111|156|51|188 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1537 Expires Wed, 25 Aug 2021 16:27:44 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Connection keep-alive Set-Cookie CMID=YSZvgL2ARPHYv6ld-jxJGAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 25 Aug 2022 16:27:44 GMT CMPS=1148;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Nov 2021 16:27:44 GMT CMPRO=1175;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Nov 2021 16:27:44 GMT CMRUM3=f161266f8005a0&e661266f802760&6f61266f8005a0&2d61266f8005a0&9c61266f8005a00&bc61266f8005a00&2761266f800b40&3361266f8005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 25 Aug 2022 16:27:44 GMT
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 648B	2 KB 823 B	27ms 27ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2bb78272a859ca6 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H/1.1	200 OK	Cookie set uc.html Show response sync.go.sonobi.com/ Frame A1BB	43 B 555 B	132ms 32ms	Document text/html	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25 Security Headers Name Value X-Xss-Protection 0 Request headers Host sync.go.sonobi.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Date Wed, 25 Aug 2021 16:27:44 GMT Content-Type text/html Transfer-Encoding chunked Expires Sat, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, no-store, private P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Pragma no-cache Tcn Choice Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 X-Xss-Protection 0 Content-Encoding gzip Server sonobi-go Set-Cookie HAPLB5S=s57129|YSZvg; path=/; domain=.go.sonobi.com
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame D126	14 KB 5 KB	70ms 22ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US cookie KTPCACOOKIE=true; KADUSERCOOKIE=1A6E6019-11EF-420D-BC6D-39F5E4AAA628 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=159196 expires Fri, 27 Aug 2021 12:41:00 GMT date Wed, 25 Aug 2021 16:27:44 GMT vary Accept-Encoding
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame C837	70 B 264 B	163ms 54ms	Image image/gif	13.248.242.197 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.242.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:44 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame C837 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOV-hkWubg-kFbPCz78YGPM&google_cver=1	43 B 315 B	32ms 32ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOV-hkWubg-kFbPCz78YGPM&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Wed, 25 Aug 2021 16:27:44 GMT Redirect headers pragma no-cache date Wed, 25 Aug 2021 16:27:44 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOV-hkWubg-kFbPCz78YGPM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame C837 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSZvgL2ARPHYv6ld-jxJGAAA https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YSZvgL2ARPHYv6ld-jxJGAAA&google_tc= https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDhDyHC8kdExhaZrNBf4PaY&google_cver=1&gdpr=1	43 B 1001 B	29ms 27ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDhDyHC8kdExhaZrNBf4PaY&google_cver=1&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 25 Aug 2021 16:27:44 GMT Redirect headers pragma no-cache date Wed, 25 Aug 2021 16:27:44 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDhDyHC8kdExhaZrNBf4PaY&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame C837 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&dcc=t	43 B 645 B	117ms 116ms	Image image/gif	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:45 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 8BGG37HXMH13QMNZNRJY Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid EV2MWAJJGSJPHKS95BXT Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame C837 Redirect Chain https://sync.srv.stackadapt.com/sync?nid=68 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TWEI6V5qSV1XJYkVOML4uLm0D9M	43 B 1 KB	32ms 32ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TWEI6V5qSV1XJYkVOML4uLm0D9M Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:45 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 25 Aug 2021 16:27:45 GMT Redirect headers Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=TWEI6V5qSV1XJYkVOML4uLm0D9M Date Wed, 25 Aug 2021 16:27:45 GMT Connection keep-alive Content-Length 122 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame C837 Redirect Chain https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-6b7fa374-6ba5-455f-855b-6e27f3765544	43 B 1 KB	27ms 27ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-6b7fa374-6ba5-455f-855b-6e27f3765544 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:45 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 25 Aug 2021 16:27:45 GMT Redirect headers location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-6b7fa374-6ba5-455f-855b-6e27f3765544 date Wed, 25 Aug 2021 16:27:44 GMT server Apache-Coyote/1.1 content-length 0
GET H2	403	match c1.adform.net/serving/cookie/ Frame C837	0 331 B	105ms 33ms	Image text/plain	37.157.4.23 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:44 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame C837 Redirect Chain https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a12204000d9a7f1024d7ce&expiration=[EXPIRATION]&gdpr=1	43 B 1013 B	57ms 27ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a12204000d9a7f1024d7ce&expiration=[EXPIRATION]&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 25 Aug 2021 16:27:44 GMT Redirect headers Location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06a12204000d9a7f1024d7ce&expiration=[EXPIRATION]&gdpr=1 Date Wed, 25 Aug 2021 16:27:44 GMT Access-Control-Allow-Credentials true X-Powered-By Express Content-Length 0 Vary Origin
GET H/1.1	200 OK	htw-pixel.gif js-sec.indexww.com/ht/ Frame C837	43 B 424 B	26ms 24ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://js-sec.indexww.com/ht/htw-pixel.gif?YSZvgL2ARPHYv6ld-jxJGAAA%261175 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 25 Aug 2021 16:27:44 GMT Last-Modified Tue, 24 Jan 2017 19:36:04 GMT Server Apache ETag "902a3d-2b-546dc3a097100" P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=608 Connection keep-alive Accept-Ranges bytes Content-Type image/gif Content-Length 43 Expires Wed, 25 Aug 2021 16:37:52 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 78ED Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&dcc=t	43 B 645 B	117ms 116ms	Image image/gif	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:45 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid MXYTHZ2CX8EB90QFWQRT Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid FHVP97BHHWXZF0TACCNE Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 78ED Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSZvgL2ARPHYv6ld-jxJGAAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED1EKbHED6fqRZkN9c9zzbI&google_cver=1&gdpr=1	43 B 1001 B	56ms 55ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED1EKbHED6fqRZkN9c9zzbI&google_cver=1&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 25 Aug 2021 16:27:44 GMT Redirect headers pragma no-cache date Wed, 25 Aug 2021 16:27:44 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED1EKbHED6fqRZkN9c9zzbI&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame 78ED Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3G3fsLXJHI-GNvLJzfBww&google_cver=1	43 B 315 B	25ms 25ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3G3fsLXJHI-GNvLJzfBww&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:44 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Wed, 25 Aug 2021 16:27:44 GMT Redirect headers pragma no-cache date Wed, 25 Aug 2021 16:27:44 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEC3G3fsLXJHI-GNvLJzfBww&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 78ED	70 B 265 B	117ms 50ms	Image image/gif	13.248.242.197 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.242.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:44 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	403	match c1.adform.net/serving/cookie/ Frame 78ED	0 330 B	64ms 33ms	Image text/plain	37.157.4.23 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 25 Aug 2021 16:27:44 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	200 OK	cookiesync bttrack.com/pixel/ Frame 78ED	35 B 380 B	707ms 114ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-ServerName Track001-dc3 Pragma no-cache Date Wed, 25 Aug 2021 16:27:23 GMT X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 P3P CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" Cache-Control private,no-cache Content-Type image/gif Content-Length 35 Expires -1
GET H2	200	sync x.bidswitch.net/ Frame 78ED	43 B 146 B	77ms 24ms	Image image/gif	3.64.77.7 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=index&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.64.77.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-77-7.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H/1.1	200 OK	CookieIndex rtb.adentifi.com/ Frame 78ED	0 88 B	692ms 120ms	Image text/plain	54.236.227.29 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.adentifi.com/CookieIndex Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.236.227.29 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-236-227-29.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Content-Type text/plain
GET H2	200	setuid sync.quantumdex.io/ Frame 78ED	43 B 333 B	132ms 130ms	Image image/gif	2606:4700:20::ac43:47f1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=ix&uid=YSZvgL2ARPHYv6ld_jxJGAAABJcAAAAB Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbgDO%2F85m5deyK3VdvODKSJe%2Bm9ioTqXBXDgZftMOrEp%2FP3DK0o%2FueEjUfh0yWggutiicuP%2BLZRtz7ECx24YpRlwpKm9JtF%2BHrJigERtXLTHoh9r4IsXkuUd%2BN9uuyiSKXjY9E%2F%2FRLs01CxoiX45pQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 68463082ca265b74-FRA content-length 43
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame D126	0 42 B	344ms 31ms	Script text/plain	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24540049&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 25 Aug 2021 16:27:44 GMT content-length 0
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame CE7D	0 733 B	30ms 29ms	Script text/html	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 25 Aug 2021 16:27:45 GMT X-Proxy-Origin 185.180.15.211; 185.180.15.211; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 9f5067cd-96d7-45c0-9c5c-aaa1bef2339d Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

i.connectad.io

URL

https://i.connectad.io/api/v2

Domain

pixel.advertising.com

URL

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=d2bba3aa-8054-463e-894a-8d80535ad732&verify=true