ask.fm Open in urlscan Pro
193.138.77.147  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9348.kEx0m18UaePeYXTVECRliaM4miudak-ma6zZmfgCyZsradkhDazms4XU9vsuZoEW.ufSNkqwpOvvH8J9aNFmMstdtZ0U%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9348.N75YOM0xML5V4T9GSZGejP_KCddxF2jovaj3A8roD5vGlpCwlLJqpJUv6rldIuMobPegD4nBHmg_ATKACEXWMQ%2C%2C.33wU_spNKIrUzwWHtZB3byceQAA%2C

Request Chain 10

• https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fquillcrate008&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A400404979094%3Ahid%3A326269779%3Az%3A120%3Ai%3A202107290001033%3Aet%3A1627510234%3Ac%3A1%3Arn%3A468620430%3Au%3A1627510234327501622%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627510233015%3Ads%3A1%2C358%2C200%2C1%2C0%2C0%2C%2C84%2C112%2C%2C%2C%2C647%3Adsn%3A1%2C359%2C199%2C1%2C0%2C0%2C%2C86%2C112%2C%2C%2C%2C647%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627510234%3At%3Apadillasanchez997%20(%40quillcrate008)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm HTTP 302
• https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fquillcrate008&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A400404979094%3Ahid%3A326269779%3Az%3A120%3Ai%3A202107290001033%3Aet%3A1627510234%3Ac%3A1%3Arn%3A468620430%3Au%3A1627510234327501622%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627510233015%3Ads%3A1%2C358%2C200%2C1%2C0%2C0%2C%2C84%2C112%2C%2C%2C%2C647%3Adsn%3A1%2C359%2C199%2C1%2C0%2C0%2C%2C86%2C112%2C%2C%2C%2C647%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627510234%3At%3Apadillasanchez997%20%28%40quillcrate008%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Request Chain 26

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=7nxoZ3xpN0o4TkZRQW9BMStBVVlQWFk4OUhmNEE1M1c2M3dyL0xoZjN2L295MHVTcEZtZkIvcEd5c0ZoNWorenlVWTBucmtGamxjM3YybjRLNXJPREhLekdzcitTY3J6QUc3N3V3K0VvemJUOGhuampNMERHRU5LZGNBbTl1b3Q1dzI0a3Jxb1FML3VISzVJUWVrQ1k2TlVGRis3eC82MSsrU0x3bmZEbW1ETmtRcEV5RzhtekVidFZhOURHU29QdkVnS25qTW43ZjdHRVJvdVN2dHdMZlBrMWl3PT18&cppv=2

Request Chain 50

• https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
• https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
• https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=index_rtb&uid=YQHV4Mf2h-z3aqpS.cmebAAA%261192

Request Chain 51

• https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=pubmatic&uid=2C7495CF-BCCE-4A7E-94D0-0EDEFF9AF2D7

Request Chain 52

• https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
• https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=appnexus&uid=3551943937199483238

Request Chain 54

• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac HTTP 302
• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&apid=UPa53fc051-eff0-11eb-bc80-06130483c6b8 HTTP 302
• https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&apid=UPa53fc051-eff0-11eb-bc80-06130483c6b8&verify=true HTTP 302
• https://prebid.a-mo.net/setuid/verizon_video?uid=UPa53fc051-eff0-11eb-bc80-06130483c6b8&gdpr=0&gdpr_consent=

Request Chain 55

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=sovrn&uid=5efb7a4ab5fe2707e2f9c316

Request Chain 58

• https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
• https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-2029e41f-e4fb-4e58-983d-ea90a70af89a

Request Chain 59

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5081143696080428468

Request Chain 60

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5420838695990254616

Request Chain 61

• https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c4ab6bd6-e3c6-4b80-b14e-9b701b12bb14

Request Chain 63

• https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D HTTP 302
• https://sync.quantumdex.io/setuid?bidder=sonobi&uid=f5a3b801-45b0-460c-8185-3b2218ad56ff

Request Chain 64

• https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
• https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4fbc017-5dca-4809-837b-d9bc043c832a

Request Chain 65

• https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-w7DgxBNE2uEuEH5IWPS8abWgXsJHAwL871yVYl4-~A

Request Chain 66

• https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa53fc051-eff0-11eb-bc80-06130483c6b8 HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa53fc051-eff0-11eb-bc80-06130483c6b8

Request Chain 67

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://sync.quantumdex.io/setuid?bidder=sovrn&uid=5efb7a4ab5fe2707e2f9c316

Request Chain 73

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 76

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELiwJ1Tzq7cqiQvkP-v7aPE&google_cver=1

Request Chain 77

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&dcc=t

Request Chain 78

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQHV4Mf2h-z3aqpS.cmebAAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDKRi7LJo5LX-X7Zv9C2wXs&google_cver=1&google_hm=2

Request Chain 80

• https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=57f96101-d5e1-4c00-89f2-405462dedbeb

Request Chain 81

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
• https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348%2526expiration%253D1630102241 HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348%26expiration%3D1630102241 HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348%26expiration%3D1630102241 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348&expiration=1630102241

Request Chain 82

• https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=niPMO8wnmTuFK5ppzifRPc4mzTmFIskzmCohXcZS

Request Chain 84

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent= HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=td&nuid=80c406ce-193a-4ac3-b4c1-83a42b09f513&pubid=4d443a3ea2

Request Chain 85

• https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=6f9d1ddb-408b-495a-a1d6-d650e8d8646f&google_hm=NmY5ZDFkZGItNDA4Yi00OTVhLWExZDYtZDY1MGU4ZDg2NDZm HTTP 302
• https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOv8XqoQFhiPNPr3IIcWkPg&google_cver=1&ssp=sonobi&bsw_param=6f9d1ddb-408b-495a-a1d6-d650e8d8646f HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6f9d1ddb-408b-495a-a1d6-d650e8d8646f

Request Chain 86

• https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=61bc6101-d5e1-4400-82b8-70ee3d80b8c5

Request Chain 87

• https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=39dbc767-2b19-4cc2-bd84-d1bb4d5c875d&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZHZ5WHlmRnBISzhmUHNRaHpOcWd0QQ&gdpr=&gdpr_consent= HTTP 302
• https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEIVjTl_G3Mbzb1eQ4bZkSEc&google_cver=1 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=pp&nuid=TIqOf93RBcv0

Request Chain 88

• https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871316021985262079

Request Chain 89

• https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=375455470 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=375455470 HTTP 302
• https://sync.1rx.io/usersync/tradedesk/a132b6d6-60cb-4291-8866-d11de8be647b HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-0a6cab2c-1746-46a5-863e-1eeac76035a9-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-0a6cab2c-1746-46a5-863e-1eeac76035a9-003 HTTP 302
• https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0a6cab2c-1746-46a5-863e-1eeac76035a9-003

Request Chain 90

• https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MzlkYmM3NjctMmIxOS00Y2MyLWJkODQtZDFiYjRkNWM4NzVk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=MzlkYmM3NjctMmIxOS00Y2MyLWJkODQtZDFiYjRkNWM4NzVk&google_tc= HTTP 302
• https://sync.go.sonobi.com/usg.gif?google_gid=CAESEO4zpjPuRty-7nqsyyVRmFE&google_cver=1

Request Chain 91

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQHV4Mf2h-z3aqpS.cmebAAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDKRi7LJo5LX-X7Zv9C2wXs&google_cver=1&google_hm=2

Request Chain 92

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA_h_wqf4u73TD30z4g8grQ&google_cver=1

Request Chain 93

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&dcc=t

Request Chain 95

• https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
• https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3290914281251210568

Request Chain 96

• https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YQHV4Mf2h-z3aqpS.cmebAAA%261192?gdpr_consent=&us_privacy=&gdpr= HTTP 302
• https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQHV4Mf2h-z3aqpS.cmebAAA%261192?gdpr_consent=&us_privacy=&gdpr=

Request Chain 97

• https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=09486101-d5e1-4400-9c46-68e25564c37e

Request Chain 98

• https://d.adroll.com/cm/index/ssp HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set quillcrate008 Show response ask.fm/	15 KB 6 KB	560ms 200ms	Document text/html	193.138.77.147 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/quillcrate008 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.147 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash ceab6947b0794bc0e6beebc9a72a1a06386477babfd4ebe5493fa3c0c49c1f5e Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host ask.fm Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Status 200 OK Cache-Control max-age=0, private, must-revalidate ETag W/"d5c281f7294b5be2816b271bb58d9365" X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Date Wed, 28 Jul 2021 22:10:33 GMT Set-Cookie locale=en; path=/; expires=Fri, 29 Jul 2022 04:10:33 -0000 uuid=f124e007-903d-40d4-b805-e99aad392916; path=/; expires=Fri, 29 Jul 2022 04:10:33 -0000; secure; HttpOnly country=CH; path=/; expires=Fri, 29 Jul 2022 04:10:33 -0000 traffic_source=organic; path=/; expires=Fri, 30 Jul 2021 22:10:33 -0000 _m_ask_fm_session=NWFhL2piUVZtandZZXlyTGtJMlFUcmhZcitoZGdGdXZOYVJFNDd3M1R4dXRkd2wrMkY2Ukp3YUJEZUVQYm40dHdaaHFVd0J3Z3JBRStsRHJiZGRHMTY3SHVqcFBMTEpuQnc5UGt6SnRSOCt2ZElWL0N0QU9sSnBOWVJGcGZ6Z1ZQejBMV2g5L1F0ZDZWUm5SR29jZ2lJV0piczRLaVV4UjNNdmJ3eUQrclQxWFJlUnpwbHNZYkFselU3WWdtd3BhVE8xUzFKMHE5ODRWMUpDTCtRNTJwMG9RaDVOa0dxYVppVzdVRE1QWVQrU3NkRUpiYjlLTnAzeE1pcHRkOURzcy0tVEx4bXJIc2YzMjVQL3pSUkphQ0R4QT09--c1ddf2638507c518122904174978e40b3cd17a71; path=/; expires=Sat, 31 Jul 2021 22:10:33 -0000; secure; HttpOnly Server Ask.FM Web Service Content-Encoding gzip Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000
GET H2	200	application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css d3r6ceqp4shltl.cloudfront.net/assets/	179 KB 39 KB	43ms 7ms	Stylesheet text/css	2600:9000:214f:7200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css Requested by Host: ask.fm URL: https://ask.fm/quillcrate008 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash b2e5e4e5a81e4a15556e78fd0de89a86ac2208b717cf37fb823560be8c49f14b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Jul 2021 12:26:39 GMT content-encoding gzip age 726234 x-cache Hit from cloudfront access-control-max-age 3000 content-length 38947 access-control-allow-origin https://ask.fm last-modified Mon, 19 Jul 2021 12:08:27 GMT server Ask.FM Web Service etag "60f56b3b-9823" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type text/css via 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA53-C1 x-amz-cf-id 7gLqYLhXW5XpDce_HFqvWEn3I61e3TzdQZVZqaNZKvxKVKDDRI3heQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Show response d3r6ceqp4shltl.cloudfront.net/assets/	215 KB 68 KB	49ms 14ms	Script application/javascript	2600:9000:214f:7200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Requested by Host: ask.fm URL: https://ask.fm/quillcrate008 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 13:38:20 GMT content-encoding gzip age 5560333 x-cache Hit from cloudfront access-control-max-age 3000 content-length 68515 access-control-allow-origin https://ask.fm last-modified Mon, 24 May 2021 13:24:40 GMT server Ask.FM Web Service etag "60aba918-10ba3" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type application/javascript via 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA53-C1 x-amz-cf-id Gq3Dh-YKVrF0q0gY1kwaxH9BC2u5yqTO5tvDBxGqjOpy1VKijFByFg== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png d3r6ceqp4shltl.cloudfront.net/assets/	24 KB 24 KB	11ms 11ms	Image image/png	2600:9000:214f:7200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png Requested by Host: ask.fm URL: https://ask.fm/quillcrate008 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 12 Jun 2021 01:11:32 GMT via 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront) age 4049941 x-cache Hit from cloudfront access-control-max-age 3000 content-length 24239 last-modified Wed, 27 Sep 2017 12:11:28 GMT server Ask.FM Web Service etag "59cb9570-5eaf" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type image/png access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id REIwfQZQVOnzrUh2NXJkbf5u-LOtqrpECQxUQ8coMMyYO9sAOLhnHw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	225 KB 72 KB	131ms 43ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 3dfd608e10c0c68f9f571b7dd26bceb6bfd71e3253cb6bafeb559bbf1d01b46e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:33 GMT content-encoding br last-modified Wed, 28 Jul 2021 09:12:16 GMT etag "61011e70-11dc6" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 73158 expires Wed, 28 Jul 2021 23:10:33 GMT
GET H2	200	noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png d3r6ceqp4shltl.cloudfront.net/assets/	956 B 1 KB	7ms 7ms	Image image/png	2600:9000:214f:7200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 08 Jun 2021 21:40:23 GMT via 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront) age 4321810 x-cache Hit from cloudfront access-control-max-age 3000 content-length 956 last-modified Wed, 06 Sep 2017 12:36:34 GMT server Ask.FM Web Service etag "59afebd2-3bc" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type image/png access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id AJiE9zhT5c-rN_w37HPgSzsh-7cUMe3LYo7gy_MKS4oHymDRnrScKg== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	17 KB 18 KB	23ms 8ms	Font application/font-woff2	2600:9000:214f:7200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 21:24:45 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 4149948 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 17880 last-modified Thu, 29 Apr 2021 05:41:49 GMT server Ask.FM Web Service etag "608a471d-45d8" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id m6QAYX_1i16mD0rDoNbnQb4NFcZoZE_jZj_aSoZ1IlXD6-WMQ020TQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	25 KB 25 KB	31ms 16ms	Font application/font-woff2	2600:9000:214f:7200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 21:24:45 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 4149948 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 25400 last-modified Wed, 06 Sep 2017 12:36:34 GMT server Ask.FM Web Service etag "59afebd2-6338" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id 4_u0x-IsipMZPOTaeUG_5WKRRklgIfYf0Fp-B3m99Kqz_cjfAiaQYg== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	51 KB 52 KB	28ms 12ms	Font application/font-woff2	2600:9000:214f:7200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-79dd407c5a949cee8d9a029379a49bd11ba6e422343534d8debb568b366fb33e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 10 Jun 2021 21:24:45 GMT via 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 4149948 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 52204 last-modified Wed, 02 Aug 2017 08:00:22 GMT server Ask.FM Web Service etag "59818696-cbec" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id t1HHjUNzXc0GtXnbkcSSdGyT2tBj_cv996cHxevgK4W7dSiPrnvd9g== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9348.kEx0m18UaePeYXTVECRliaM4miudak-ma6zZmfgCyZsradkhDazms4XU9vsuZoEW.ufSNkqwpOvvH8J9aNFmMstdtZ0U%2C https://mc.yandex.com/sync_cookie_image_decide?token=9348.N75YOM0xML5V4T9GSZGejP_KCddxF2jovaj3A8roD5vGlpCwlLJqpJUv6rldIuMobPegD4nBHmg_ATKACEXWMQ%2C%2C.33wU_spNKIrUzwWHtZB3byceQAA%2C	75 B 75 B	43ms 43ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9348.N75YOM0xML5V4T9GSZGejP_KCddxF2jovaj3A8roD5vGlpCwlLJqpJUv6rldIuMobPegD4nBHmg_ATKACEXWMQ%2C%2C.33wU_spNKIrUzwWHtZB3byceQAA%2C Requested by Host: ask.fm URL: https://ask.fm/quillcrate008 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:34 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9348.N75YOM0xML5V4T9GSZGejP_KCddxF2jovaj3A8roD5vGlpCwlLJqpJUv6rldIuMobPegD4nBHmg_ATKACEXWMQ%2C%2C.33wU_spNKIrUzwWHtZB3byceQAA%2C date Wed, 28 Jul 2021 22:10:34 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 135 B	43ms 43ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: ask.fm URL: https://ask.fm/quillcrate008 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:34 GMT last-modified Wed, 28 Jul 2021 09:12:16 GMT etag "61011e70-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Wed, 28 Jul 2021 23:10:34 GMT
GET H2	200	1 Show response mc.yandex.com/watch/48953915/ Redirect Chain https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fquillcrate008&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A777%3Afu%3A0%3Aen%3Autf-8%3A... https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fquillcrate008&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A777%3Afu%3A0%3Aen%3Autf-8%...	368 B 450 B	47ms 47ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fquillcrate008&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A400404979094%3Ahid%3A326269779%3Az%3A120%3Ai%3A202107290001033%3Aet%3A1627510234%3Ac%3A1%3Arn%3A468620430%3Au%3A1627510234327501622%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627510233015%3Ads%3A1%2C358%2C200%2C1%2C0%2C0%2C%2C84%2C112%2C%2C%2C%2C647%3Adsn%3A1%2C359%2C199%2C1%2C0%2C0%2C%2C86%2C112%2C%2C%2C%2C647%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627510234%3At%3Apadillasanchez997%20%28%40quillcrate008%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 356c4e98985189008ecfef73d1022f0a8c5ed51ac43586b52d5accc6e9d17288 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 28 Jul 2021 22:10:34 GMT x-content-type-options nosniff last-modified Wed, 28-Jul-2021 22:10:34 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 368 x-xss-protection 1; mode=block expires Wed, 28-Jul-2021 22:10:34 GMT Redirect headers pragma no-cache date Wed, 28 Jul 2021 22:10:34 GMT last-modified Wed, 28-Jul-2021 22:10:34 GMT location /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fquillcrate008&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A777%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A606%3Acn%3A1%3Adp%3A0%3Als%3A400404979094%3Ahid%3A326269779%3Az%3A120%3Ai%3A202107290001033%3Aet%3A1627510234%3Ac%3A1%3Arn%3A468620430%3Au%3A1627510234327501622%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627510233015%3Ads%3A1%2C358%2C200%2C1%2C0%2C0%2C%2C84%2C112%2C%2C%2C%2C647%3Adsn%3A1%2C359%2C199%2C1%2C0%2C0%2C%2C86%2C112%2C%2C%2C%2C647%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627510234%3At%3Apadillasanchez997%20%28%40quillcrate008%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Wed, 28-Jul-2021 22:10:34 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4761d05f3af0c1803d9b73f8bcd897d95329cea8f62dcd8976ed6e33404c1658 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 Lufp0em61nwLgrr7/ZT6gQ== cross-origin-resource-policy cross-origin expires Wed, 28 Jul 2021 22:14:21 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1688 x-fb-rlafr 0 x-fb-debug OmjkemoyHy18Gqk0iGuc7ydyAIjVvdJ5eCHL/S/GpjrCUEhFuJrwguLjcxD44/rvJghBeCczQj51q+5y7O4xOg== x-fb-trip-id 686109401 x-fb-content-md5 61629ecc6be79cbcbf42a2d699a7e855 cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" date Wed, 28 Jul 2021 22:10:34 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "58a0d4344ec6df9b5b6bae65fd4bfc61" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	gtm.js Show response www.googletagmanager.com/	89 KB 35 KB	20ms 19ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 73746eb9d3b36e828715a47cc69484e95d5f4784f072820c888eda93d4bb8402 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:34 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36138 x-xss-protection 0 last-modified Wed, 28 Jul 2021 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 28 Jul 2021 22:10:34 GMT
GET H2	200	3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response cmp.optad360.io/items/	2 B 360 B	45ms 7ms	Script application/javascript	2600:9000:2156:e800:6:b871:4f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:01:33 GMT via 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront) last-modified Wed, 28 Apr 2021 09:49:58 GMT server AmazonS3 age 542 etag "99914b932bd37a50b983c5e7c90ae93b" x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 2 x-amz-cf-id XkF6bObTE3Yqre14-hq23Oz41uIoBOy6uWL5xMihJldkhfN7CN7lwA==
GET H2	200	plugin.min.js Show response get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/	274 KB 72 KB	30ms 6ms	Script application/javascript	2600:9000:2156:2600:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:2600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f56ad273e0204eb8d21346d7116686e717353c0864546a4e66a72b581e594a75 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 21:40:18 GMT content-encoding gzip last-modified Mon, 05 Jul 2021 07:03:23 GMT server AmazonS3 age 1817 etag W/"5736885227fcd00664fbd8eea334a4cc" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront) cache-control public, max-age=3600 x-amz-cf-pop FRA50-C1 x-amz-cf-id s1Pwdra5UPb6DY_VRavv9sOQIbAHgOtiSt60IBGQdoRKZNUa6Xmtsw==
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	227 KB 66 KB	8ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=3637a18597d5b8185d8e5a3201618fb1 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4e7d223c36d2ae8524da8da12e6254bddf8a6793d8dfc7e76c4337d9778b3a0d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 Mk9oxfpmvAUFqqLF1V2pVA== cross-origin-resource-policy cross-origin expires Thu, 28 Jul 2022 21:14:38 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 67617 x-fb-rlafr 0 x-fb-debug +tC7rQGo6dMJJs1Z6AM+iCgXTo9ct9GnT9TfGM8aSP5bzq8SgmingNAGXfSJjhEAZ2RZ16BQWLs48iXwWY4fzg== cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" x-fb-content-md5 184edff1975b4bbad348625eb81fdcf9 cross-origin-opener-policy same-origin-allow-popups date Wed, 28 Jul 2021 22:10:34 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "d0be258701395dfb04636368378735d4" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	/ www.facebook.com/tr/	44 B 147 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fquillcrate008&rl=&if=false&ts=1627510234252&sw=1600&sh=1200&at= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:34 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Wed, 28 Jul 2021 22:10:34 GMT
GET H2	200	prebid4.39.0.js Show response get.optad360.io/sf/	492 KB 493 KB	15ms 15ms	Script application/javascript	2600:9000:2156:2600:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/prebid4.39.0.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:2600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 28 Jun 2021 10:19:57 GMT via 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront) last-modified Thu, 13 May 2021 10:44:35 GMT server AmazonS3 age 2634638 etag "e020700f5effdce1f4be56434553da72" x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=360000000 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 503605 x-amz-cf-id T0yHJly54jUe6QZZHcgPUwiPUSibTWCatYsXZ_3fREEiTtDOF7gIYQ==
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	6ms 5ms	XHR application/json	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210729 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3d47238831047212d85dc591b2a9a01bc08711e17d5ebe79b37b7802e44a358d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 25253 x-jsd-version 1.0.1052 x-cache HIT cross-origin-resource-policy cross-origin content-length 935 etag W/"6a0-F8dDGncfmuu3lsQhTn/Gjj9tlgk" x-served-by cache-fra19149-FRA x-jsd-version-type version date Wed, 28 Jul 2021 22:10:35 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	Cookie set conversion Show response ask.fm/signup/	10 KB 4 KB	159ms 158ms	XHR text/html	193.138.77.147 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/signup/conversion Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.147 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash e4391a89da8ea6f84b70e387ecf414065d4cd7cfe25d4aa832b48d4773c091ac Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty X-Requested-With XMLHttpRequest Connection keep-alive Referer https://ask.fm/quillcrate008 Accept */* Referer https://ask.fm/quillcrate008 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 28 Jul 2021 22:10:36 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Ask.FM Web Service ETag W/"6a2655b6244c974ea0828299c98154a6" X-Frame-Options SAMEORIGIN Content-Type text/html; charset=utf-8 Status 200 OK Set-Cookie locale=en; path=/; expires=Fri, 29 Jul 2022 04:10:36 -0000 uuid=443e3cd0-1b03-495e-a696-65cf80f7a2cf; path=/; expires=Fri, 29 Jul 2022 04:10:36 -0000; secure; HttpOnly country=CH; path=/; expires=Fri, 29 Jul 2022 04:10:36 -0000 tutm=utm_medium%3Dconversion_desktop_default_64; path=/; expires=Fri, 30 Jul 2021 22:10:36 -0000 _m_ask_fm_session=MEgzb3JPRzBFR3B4dUl1TTVLZ1dkaTY3YzN0dk5TT1FEemFyOFM4aWxMcnZDYk5ycTNRVTZKOUpUMXc4SmoxanBUNm1VVzVGOXZzdk80d3h1eEFMNWRvOEdNaU9UZ2dnOUhHdUV4ZU1kMG14c1BZdmtQNjkwMmpVVytCZS9LdzhPRzRRcnQ4MEJLQnA0YkFpRmtLTFdkZmxiM2JGb3ZJd0lyOHNQSEtlalJ6cVFIU1F0cmV1OXdwTGwwL0NxVGlRQUF0Y251N1ZIQmJLVmRyZzJaRmhnbDRIZk1kT2cxMnJKUEVJcElmTTVxNjBUaWp0SE1EUjdzeUZleXFJN2ptOFkyS0M5aU5vSXNCaFhoVnVxc2FqVGc9PS0tOE1BRGlob0ZscWMrWmNvS1FITUh2UT09--b286ab4b51d34070eca5c10415200f785c676038; path=/; expires=Sat, 31 Jul 2021 22:10:36 -0000; secure; HttpOnly Cache-Control max-age=0, private, must-revalidate Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-XSS-Protection 1; mode=block
GET H2	200	button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png d3r6ceqp4shltl.cloudfront.net/assets/	2 KB 3 KB	8ms 7ms	Image image/png	2600:9000:214f:7200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png Requested by Host: ask.fm URL: https://ask.fm/quillcrate008 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 12 Jul 2021 23:26:28 GMT via 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront) age 1377848 x-cache Hit from cloudfront access-control-max-age 3000 content-length 2309 last-modified Wed, 28 Oct 2020 11:38:17 GMT server Ask.FM Web Service etag "5f995829-905" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type image/png access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id B1yvacT0gDrLo7cQr9MwfzTj_k3g0rEbxKv8GkgppfJkZTktXcP2tg== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png d3r6ceqp4shltl.cloudfront.net/assets/	3 KB 4 KB	9ms 8ms	Image image/png	2600:9000:214f:7200:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png Requested by Host: ask.fm URL: https://ask.fm/quillcrate008 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7200:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:14:52 GMT via 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront) age 13258544 x-cache Hit from cloudfront access-control-max-age 3000 content-length 3404 last-modified Wed, 28 Oct 2020 11:38:17 GMT server Ask.FM Web Service etag "5f995829-d4c" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type image/png access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA53-C1 accept-ranges bytes x-amz-cf-id J5n0cQbV-omNWy4VI9d3dGn3jKnk4ONUWhEJ0TgdSFWbA0RUfeONUA== expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 73 B	131ms 131ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=326269779&page-url=https%3A%2F%2Fask.fm%2Fquillcrate008&rn=1061989823&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627510237%3Aw%3A1600x1200%3Av%3A606%3Az%3A120%3Ai%3A202107290001037%3Au%3A1627510234327501622%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627510237 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 28 Jul 2021 22:10:37 GMT last-modified Wed, 28-Jul-2021 22:10:37 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 28-Jul-2021 22:10:37 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	126ms 124ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=326269779&page-url=https%3A%2F%2Fask.fm%2Fquillcrate008&rn=102606227&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1627510237%3Aw%3A1600x1200%3Av%3A606%3Az%3A120%3Ai%3A202107290001037%3Au%3A1627510234327501622%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627510237 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 28 Jul 2021 22:10:37 GMT last-modified Wed, 28-Jul-2021 22:10:37 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 28-Jul-2021 22:10:37 GMT
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	48ms 15ms	Preflight application/json	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 Protocol H2 Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1389 date Wed, 28 Jul 2021 22:10:37 GMT content-encoding gzip vary Accept-Encoding
GET H2	200	optad360.js Show response serving.stat-rock.com/player/	304 KB 95 KB	100ms 31ms	Script application/javascript	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://serving.stat-rock.com/player/optad360.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:37 GMT content-encoding gzip last-modified Fri, 18 Jun 2021 08:28:33 GMT server nginx etag W/"60cc5931-4beb9" vary Accept-Encoding content-type application/javascript cache-control public, max-age=600
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 https://mug.criteo.com/sid?cpp=7nxoZ3xpN0o4TkZRQW9BMStBVVlQWFk4OUhmNEE1M1c2M3dyL0xoZjN2L295MHVTcEZtZkIvcEd5c0ZoNWorenlVWTBucmtGamxjM3YybjRLNXJPREhLekdzcitTY3J6QUc3N3V3K0VvemJUOGhuampNMERHRU5LZGNBbT...	313 B 583 B	98ms 33ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=7nxoZ3xpN0o4TkZRQW9BMStBVVlQWFk4OUhmNEE1M1c2M3dyL0xoZjN2L295MHVTcEZtZkIvcEd5c0ZoNWorenlVWTBucmtGamxjM3YybjRLNXJPREhLekdzcitTY3J6QUc3N3V3K0VvemJUOGhuampNMERHRU5LZGNBbTl1b3Q1dzI0a3Jxb1FML3VISzVJUWVrQ1k2TlVGRis3eC82MSsrU0x3bmZEbW1ETmtRcEV5RzhtekVidFZhOURHU29QdkVnS25qTW43ZjdHRVJvdVN2dHdMZlBrMWl3PT18&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 6f65bc50b2010dec1950d81bd1a6c89c579a650df2b1aea2f13748248fa231ae Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Wed, 28 Jul 2021 22:10:37 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2086 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Wed, 28 Jul 2021 22:10:36 GMT location https://mug.criteo.com/sid?cpp=7nxoZ3xpN0o4TkZRQW9BMStBVVlQWFk4OUhmNEE1M1c2M3dyL0xoZjN2L295MHVTcEZtZkIvcEd5c0ZoNWorenlVWTBucmtGamxjM3YybjRLNXJPREhLekdzcitTY3J6QUc3N3V3K0VvemJUOGhuampNMERHRU5LZGNBbTl1b3Q1dzI0a3Jxb1FML3VISzVJUWVrQ1k2TlVGRis3eC82MSsrU0x3bmZEbW1ETmtRcEV5RzhtekVidFZhOURHU29QdkVnS25qTW43ZjdHRVJvdVN2dHdMZlBrMWl3PT18&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1576 content-length 455 expires 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	260 B 1 KB	226ms 156ms	XHR application/json	185.33.223.178 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 9c1cbad5090d6d28c19099ffcc2f046e753ab31c7b7b7fb20709671b6599e305 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:37 GMT X-Proxy-Origin 185.236.201.227; 185.236.201.227; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 72c0e1cb-a5d5-4eed-abec-428b8a40ff36 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 260 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	24 B 679 B	92ms 39ms	XHR application/json	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224ac971fb9009ec%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fquillcrate008%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2254c1d10fd831c7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2254c1d10fd831c7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2254c1d10fd831c7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 54d9f752a164a57dd3608713af332b9e8164b466b46c029d83d9c091b33b8cd4 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 28 Jul 2021 22:10:37 GMT content-encoding gzip x-ak-initial-geo CC:[CH], RC:[ZH], CN:[EU], CIP:[185.236.201.227], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" access-control-allow-origin https://ask.fm x-cs-client-geo 12 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-type application/json content-length 44 x-ak-client-geo 12 expires Wed, 28 Jul 2021 22:10:37 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 362 B	101ms 37ms	XHR application/json	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 , France, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H2	204	apacdex Show response useast.quantumdex.io/auction/	0 605 B	220ms 202ms	XHR text/plain	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://useast.quantumdex.io/auction/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Wed, 28 Jul 2021 22:10:37 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods POST, GET access-control-allow-origin https://ask.fm report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WH%2F6bG5%2F8q7fx7QBxPxMRtEo6qrZg5k6zFCz6HT2tirUOX8mkdaR6ZP52YurpZ4LEQTXtCqCPrV2SdCouMslujZa8Wm5mjrF8U2U28JkwFo1S2qV0osHyp6JSD86FUzIeyPBVYp7gVxF92V4lCQ%2FzoFw"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 67617047ce504315-FRA
POST H2	200	c Show response prebid.a-mo.net/a/	861 B 778 B	353ms 130ms	XHR application/json	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash ee01149c87770b27297bf7ae87950805ff6d9ee1de77a5dd9712ce241c05b13b Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Wed, 28 Jul 2021 22:10:36 GMT content-encoding gzip server envoy vary origin, accept-encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 22 content-length 355
POST H2	200	v2 Show response i.connectad.io/api/	96 B 454 B	184ms 103ms	XHR application/json	35.190.63.210 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://i.connectad.io/api/v2 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.63.210 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 210.63.190.35.bc.googleusercontent.com Software nginx / Resource Hash 701fed30245a1113c1c196bf1f432bfcb4433ec5b466cba6497813ea64a1499c Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Wed, 28 Jul 2021 22:10:37 GMT content-encoding gzip server nginx vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, private access-control-allow-credentials true content-type application/json alt-svc clear via 1.1 google
GET H2	200	/ Show response adx.adform.net/adx/	10 B 449 B	140ms 61ms	XHR application/json	37.157.6.252 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPWUzMzUxZGQxLTNjODAtNDEwYy04MzM1LWU1NWUzMDYwMTczYiZyY3VyPVBMTg%3D%3D&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPTRkZTJmYzI0LTk1M2QtNDA3YS05NzAxLWMzNzI3YzBmNWU5YyZyY3VyPVBMTg%3D%3D&pt=gross&stid=ebdffbd7-f5d7-4948-8c90-c2eced734202&gdpr=0&gdpr_consent=undefined&fd=1 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.252 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash 78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 28 Jul 2021 22:10:37 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type application/json; charset=utf-8 access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With content-length 10 expires -1
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	262 B 1 KB	124ms 60ms	XHR application/json	185.33.223.178 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 2fd64341196b6f879489ca4acc50eb37c827a5dbd2bff17c269bebc010307d7c Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:37 GMT X-Proxy-Origin 185.236.201.227; 185.236.201.227; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 114d6c3c-e64d-49a5-b9a6-7d4a5335641b Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 262 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	112ms 27ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=7nxoZ3xpN0o4TkZRQW9BMStBVVlQWFk4OUhmNEE1M1c2M3dyL0xoZjN2L295MHVTcEZtZkIvcEd5c0ZoNWorenlVWTBucmtGamxjM3YybjRLNXJPREhLekdzcitTY3J6QUc3N3V3K0VvemJUOGhuampNMERHRU5LZGNBbTl1b3Q1dzI0a3Jxb1FML3VISzVJUWVrQ1k2TlVGRis3eC82MSsrU0x3bmZEbW1ETmtRcEV5RzhtekVidFZhOURHU29QdkVnS25qTW43ZjdHRVJvdVN2dHdMZlBrMWl3PT18&cppv=2 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 957 date Wed, 28 Jul 2021 22:10:36 GMT content-encoding gzip vary Accept-Encoding
GET DATA	200 OK	truncated /	630 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	Cookie set quillcrate008 Show response ask.fm/	15 KB 6 KB	199ms 198ms	XHR text/html	193.138.77.147 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/quillcrate008 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.147 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash ff5a7ad8c8149931e5503c0c525bc71ba4fd2178b6606af4f9bec7e56ac83b7d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/quillcrate008 Cookie cto_bidid=gfqoFV9naTV5QlVteEFQNG5DWnJZaHhROWc0OEVTeldLSWkzeVhITExXeTFSQlV2Rm9TREpNemVpdWVDODhIZ2YyQnRsa1M5WXZsakFGRmx1UlVOSEVzYjdDQSUzRCUzRA; cto_bundle=pgH5yl9USXZ4Sk5UdWs3aVBRcHc2YVc3S2tqT1l6eG02cURub1hSNncyYjZ1dnBHeUVQTTJiVW5XdmxTSSUyRm01R3FTV1lLTHhZcW5KMGt3TXN3QmR6alpzJTJCeVVWbklKZkRsTXVDMDdlS1BpaFVQNWclM0Q Connection keep-alive Referer https://ask.fm/quillcrate008 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 28 Jul 2021 22:10:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Ask.FM Web Service ETag W/"7e338aee3e710a365f49c884a90913ea" X-Frame-Options SAMEORIGIN Content-Type text/html; charset=utf-8 Status 200 OK Set-Cookie locale=en; path=/; expires=Fri, 29 Jul 2022 04:10:38 -0000 uuid=1101188f-bbd5-4a5c-a1c6-7413e8551160; path=/; expires=Fri, 29 Jul 2022 04:10:38 -0000; secure; HttpOnly country=CH; path=/; expires=Fri, 29 Jul 2022 04:10:38 -0000 traffic_source=internal; path=/; expires=Fri, 30 Jul 2021 22:10:38 -0000 _m_ask_fm_session=TVlQMTQyTkIrNUhkMGJsK25SdEJISXNRVDYyK0Nma1JNcnFscUczd2dQbXZmV3lvOVhkajIwanIzblVtYmx2OUZsU0VlNzB5NHRmOEFRdUxUMEFLMFY1U0hoNklPcWQ4clcwTGJkY3A3N3VhR0grMDl1NzNZZ0RwYVYwMGJpTCtNcDJONUZYeVhIMUlCa3pqRWh5N3hlYU1Hek1lWjhDSE8rS2YvZlc4VWpLNHFQMitqUis3NExaODhTdmdDMmZrREpwVjA5K3ZVQy9yMitzM0FXMnV6eUpCRVhJSE5HYWdIZTYyWUxaeFhQUGw2cHJzVElsSTlVVUtETFc4RHNsNi0tb3RPWkVjck96S1l2OTVpTmxtU2dkZz09--93001d2108c080db32332ac563c231eb2441151d; path=/; expires=Sat, 31 Jul 2021 22:10:38 -0000; secure; HttpOnly Cache-Control max-age=0, private, must-revalidate Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 163 B	123ms 39ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1627510237995.093&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fquillcrate008&t=476&v=91&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.692843822115313 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Wed, 28 Jul 2021 22:10:38 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	124ms 40ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1627510237995.093&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fquillcrate008&t=485&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.8333125477441303 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Wed, 28 Jul 2021 22:10:38 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H/1.1	200 OK	Cookie set quillcrate008 Show response ask.fm/	15 KB 6 KB	179ms 178ms	XHR text/html	193.138.77.147 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/quillcrate008 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.147 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash fa91ddb5287f05145070674dbde0c50a6c7f192380695ce3daeba6ecc6ae288b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/quillcrate008 Cookie cto_bidid=gfqoFV9naTV5QlVteEFQNG5DWnJZaHhROWc0OEVTeldLSWkzeVhITExXeTFSQlV2Rm9TREpNemVpdWVDODhIZ2YyQnRsa1M5WXZsakFGRmx1UlVOSEVzYjdDQSUzRCUzRA; cto_bundle=pgH5yl9USXZ4Sk5UdWs3aVBRcHc2YVc3S2tqT1l6eG02cURub1hSNncyYjZ1dnBHeUVQTTJiVW5XdmxTSSUyRm01R3FTV1lLTHhZcW5KMGt3TXN3QmR6alpzJTJCeVVWbklKZkRsTXVDMDdlS1BpaFVQNWclM0Q; locale=en; uuid=1101188f-bbd5-4a5c-a1c6-7413e8551160; country=CH; traffic_source=internal; _m_ask_fm_session=TVlQMTQyTkIrNUhkMGJsK25SdEJISXNRVDYyK0Nma1JNcnFscUczd2dQbXZmV3lvOVhkajIwanIzblVtYmx2OUZsU0VlNzB5NHRmOEFRdUxUMEFLMFY1U0hoNklPcWQ4clcwTGJkY3A3N3VhR0grMDl1NzNZZ0RwYVYwMGJpTCtNcDJONUZYeVhIMUlCa3pqRWh5N3hlYU1Hek1lWjhDSE8rS2YvZlc4VWpLNHFQMitqUis3NExaODhTdmdDMmZrREpwVjA5K3ZVQy9yMitzM0FXMnV6eUpCRVhJSE5HYWdIZTYyWUxaeFhQUGw2cHJzVElsSTlVVUtETFc4RHNsNi0tb3RPWkVjck96S1l2OTVpTmxtU2dkZz09--93001d2108c080db32332ac563c231eb2441151d Connection keep-alive Referer https://ask.fm/quillcrate008 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 28 Jul 2021 22:10:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server Ask.FM Web Service ETag W/"34ca60cb3c649243338b96ac7671317b" X-Frame-Options SAMEORIGIN Content-Type text/html; charset=utf-8 Status 200 OK Set-Cookie locale=en; path=/; expires=Fri, 29 Jul 2022 04:10:38 -0000 _m_ask_fm_session=NXpOTUFzNWhkUHB6ajRYYnZjUGNjT0FuZVdibzRUMWdGUUkyY3V3RXhCUE1uZ1RLZVZoVlhua2NEVXFtU2M0VjRyeGVKWnVBeXRDRXd1RTZpejdQQjB5b1NHYmdpOTljcC9LWDBqRW5kdk5qRXhOWDY4dVFQOXBmYXdQZHpXTFVPY2JMUkxpb0VKV090ZWYzK055aXpGR0lvVk16eWZadTN5YkN5T25QTXhEM0xland3SzJINUgwcnF3UWZNQThJTzN4UWVCMmNCNmtvUk1xZTQ1a0h0blRvOStXV0pnRGFRYWkrTFgxRVlnT3R4endTRmFQMzcxZkhWb2tFczZNay0tT0lEcGEwUDdjMWZva2FMVlFneWtxZz09--8d6454bcd4710d4f56be564fca98d7a206819aff; path=/; expires=Sat, 31 Jul 2021 22:10:38 -0000; secure; HttpOnly Cache-Control max-age=0, private, must-revalidate Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	40ms 39ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1627510237995.093&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fquillcrate008&t=689&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.6662312547869917 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Wed, 28 Jul 2021 22:10:38 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	40ms 39ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1627510237995.093&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fquillcrate008&t=871&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.9666335391867253 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Wed, 28 Jul 2021 22:10:38 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	40ms 40ms	Image image/gif	78.140.185.32 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1627510237995.093&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fquillcrate008&t=871&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.36921107931967434 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS ap8.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Wed, 28 Jul 2021 22:10:38 GMT srvf 78.140.185.32 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	128ms 43ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=326269779&page-url=https%3A%2F%2Fask.fm%2Fquillcrate008&rn=907998264&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627510239%3Aw%3A1600x1200%3Av%3A606%3Az%3A120%3Ai%3A202107290001039%3Au%3A1627510234327501622%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627510239 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 28 Jul 2021 22:10:39 GMT last-modified Wed, 28-Jul-2021 22:10:39 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 28-Jul-2021 22:10:39 GMT
GET H/1.1	200 OK	ixmatch.html Show response js-sec.indexww.com/um/ Frame 6246	2 KB 1 KB	150ms 47ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c Request headers Host js-sec.indexww.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Server Apache Last-Modified Thu, 11 Feb 2021 16:12:45 GMT ETag "e20015-90b-5bb11ca420f07" Accept-Ranges bytes P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Content-Encoding gzip Content-Length 1151 Date Wed, 28 Jul 2021 22:10:40 GMT Connection keep-alive
GET H2	200	apacdex Show response sync.quantumdex.io/usersync/ Frame D39D	3 KB 1 KB	124ms 121ms	Document text/html	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/usersync/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37b25a8f1ec9f5cfebfc5d8255b06bec950cdfdf7bf736ab738b9490173cac00 Request headers :method GET :authority sync.quantumdex.io :scheme https :path /usersync/apacdex pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US cookie uid=6fa67852-5a55-4f72-b69b-e1ad1d65f0f4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers date Wed, 28 Jul 2021 22:10:40 GMT content-type text/html set-cookie uid=6fa67852-5a55-4f72-b69b-e1ad1d65f0f4; expires=Tue, 17 Aug 2021 22:10:40 GMT; domain=quantumdex.io; path=/; secure; SameSite=None cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BYaZut9f1a6y%2BcJfAX0%2B1q%2FKDDre8G4H8z9bFnXfEYwNDpkus3YaRrJlgz%2BuDhzq%2FGnBUsgHDv0RZVL5lJ8o4oicj3HdxpBir4GhDW%2BeQ4hx6M2yGOfoDPnKa3oKvQgq3wimpvRq%2B2aXccIUiDiiA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6761705cca624315-FRA content-encoding br
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 4B0A	52 KB 17 KB	135ms 53ms	Document text/html	2.18.232.130 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-232-130.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie icu=ChgI_t1aEAoYASABKAEw3auHiAY4AUABSAEQ3auHiAYYAA..; uuid2=3551943937199483238 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Thu, 29 Jul 2021 22:10:42 GMT Date Wed, 28 Jul 2021 22:10:40 GMT Connection keep-alive Vary Accept-Encoding
GET H2	200	connectmyusers.php Show response cdn.connectad.io/ Frame EA61	1 KB 935 B	38ms 22ms	Document text/html	2606:4700:10::ac43:8ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.connectad.io/connectmyusers.php? Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60 Request headers :method GET :authority cdn.connectad.io :scheme https :path /connectmyusers.php? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US cookie uid=fJNoDxA3Z9vgxxm0WbUXRNl0zwBSUsmKbJSaMWiz Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers date Wed, 28 Jul 2021 22:10:40 GMT content-type text/html; charset=UTF-8 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6761705d19c505b3-FRA content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 27DF	2 KB 823 B	33ms 33ms	Document text/html	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1627510237486 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid4.39.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 , France, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1627510237486 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dindex_rtb%26uid%3D https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=index_rtb&uid=YQHV4Mf2h-z3aqpS.cmebAAA%261192	0 116 B	111ms 110ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=index_rtb&uid=YQHV4Mf2h-z3aqpS.cmebAAA%261192 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:40 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 2 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:40 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=index_rtb&uid=YQHV4Mf2h-z3aqpS.cmebAAA%261192 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 321 Expires Wed, 28 Jul 2021 22:10:40 GMT
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=pubmatic&uid=2C7495CF-BCCE-4A7E-94D0-0EDEFF9AF2D7	0 121 B	111ms 111ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=pubmatic&uid=2C7495CF-BCCE-4A7E-94D0-0EDEFF9AF2D7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:40 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 2 server envoy vary Accept-Encoding Redirect headers location https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=pubmatic&uid=2C7495CF-BCCE-4A7E-94D0-0EDEFF9AF2D7 date Wed, 28 Jul 2021 22:10:40 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=appnexus&uid=3551943937199483238	0 154 B	111ms 111ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=appnexus&uid=3551943937199483238 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:40 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 2 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:40 GMT X-Proxy-Origin 185.236.201.227; 185.236.201.227; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid b8103272-54f1-4b5b-be0f-bd146df3122d Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=appnexus&uid=3551943937199483238 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	/ onetag-sys.com/usync/	0 52 B	32ms 31ms	Image text/plain	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/usync/?tag=img Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 , France, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform
GET H2	204	verizon_video prebid.a-mo.net/setuid/ Redirect Chain https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&verify=true https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&apid=UPa53fc051-eff0-11eb-bc80-06130483c6b8 https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&apid=UPa53fc051-eff0-11eb-bc80-06130483c6b8&verify=true https://prebid.a-mo.net/setuid/verizon_video?uid=UPa53fc051-eff0-11eb-bc80-06130483c6b8&gdpr=0&gdpr_consent=	0 124 B	110ms 110ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid/verizon_video?uid=UPa53fc051-eff0-11eb-bc80-06130483c6b8&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:40 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy vary Accept-Encoding Redirect headers Date Wed, 28 Jul 2021 22:10:41 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://prebid.a-mo.net/setuid/verizon_video?uid=UPa53fc051-eff0-11eb-bc80-06130483c6b8&gdpr=0&gdpr_consent= Connection keep-alive Content-Length 0
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D0cacc8a1-a48a-4c3d-8043-79c305f9b7ac%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=sovrn&uid=5efb7a4ab5fe2707e2f9c316	0 119 B	110ms 109ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=sovrn&uid=5efb7a4ab5fe2707e2f9c316 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:40 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy vary Accept-Encoding Redirect headers Date Wed, 28 Jul 2021 22:10:40 GMT Server nginx Location https://prebid.a-mo.net/setuid?A=0cacc8a1-a48a-4c3d-8043-79c305f9b7ac&D=&bidder=sovrn&uid=5efb7a4ab5fe2707e2f9c316 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	204	1 sync-eu.connectad.io/syncer/ Frame 377B	0 0	35ms 29ms	Document text/plain	2606:4700:10::ac43:8ae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync-eu.connectad.io/syncer/1 Requested by Host: cdn.connectad.io URL: https://cdn.connectad.io/connectmyusers.php? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority sync-eu.connectad.io :scheme https :path /syncer/1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://cdn.connectad.io/ accept-encoding gzip, deflate, br accept-language en-US cookie cadsync Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://cdn.connectad.io/ Response headers date Wed, 28 Jul 2021 22:10:40 GMT set-cookie id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None cache-control no-cache, private via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6761705d5a4e05b3-FRA
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 176 B	48ms 48ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=326269779&page-url=https%3A%2F%2Fask.fm%2Fquillcrate008&rn=898044225&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627510241%3Aw%3A1600x1200%3Av%3A606%3Az%3A120%3Ai%3A202107290001041%3Au%3A1627510234327501622%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627510241 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 28 Jul 2021 22:10:41 GMT last-modified Wed, 28-Jul-2021 22:10:41 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 28-Jul-2021 22:10:41 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame D39D Redirect Chain https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-2029e41f-e4fb-4e58-983d-ea90a70af89a	43 B 331 B	131ms 131ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-2029e41f-e4fb-4e58-983d-ea90a70af89a Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaIGmQ%2Bv0YmmUGnGHaQcgHDy2iyN24I6l0FUdN5xwV1ADnDK0kQwzNR%2FD4CHiBkO%2BCUQjEYHaNx4HjJUzH7RmiIg2zkXKfvFhqldlt%2Ba8ljuEpRpBOjWQp8eD33lzCwqxlW0N3orlOAR%2F90WkZy8%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67617062985d4315-FRA content-length 43 Redirect headers location https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-2029e41f-e4fb-4e58-983d-ea90a70af89a date Wed, 28 Jul 2021 22:10:41 GMT server Apache-Coyote/1.1 content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame D39D Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5081143696080428468	43 B 320 B	123ms 123ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5081143696080428468 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOpSK0QoIHIt0mvxz58aI8fWp0VKPafulNQwFaLZZSQkF3N5bf93w4hB87VZsyni0SjpmpPx6g4psBsStXiq2tkPTQX4NWfBsaE5yOQAOKwhvAghMFemNTxs4XykE6LsMEUtlt4qyt2zQjjItdsqWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 676170607bcd4315-FRA content-length 43 Redirect headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT X-Proxy-Origin 185.236.201.227; 185.236.201.227; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 647e078d-745e-4347-9c9e-f088ebd45ac2 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5081143696080428468 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame D39D Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5420838695990254616	43 B 328 B	125ms 125ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5420838695990254616 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbHkyIbVsNSolWyxYyEINVDCvoqFWk5wCU8Z0OsgfvIWo2hCXj6Wym8MNRojU79gBt%2BjuTZkaxk4D6P3ud03ij90sQT3lXnb%2BsCgxvqd8wZd%2BIYri2GIE7FPUcJaWatjb2uGl%2Fksn%2Fp2IyZccGfyAg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67617060ac464315-FRA content-length 43 Redirect headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT X-Proxy-Origin 185.236.201.227; 185.236.201.227; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 53fa6b70-5fce-4976-9244-e1377e8d19e9 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5420838695990254616 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame D39D Redirect Chain https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c4ab6bd6-e3c6-4b80-b14e-9b701b12bb14	43 B 325 B	123ms 123ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c4ab6bd6-e3c6-4b80-b14e-9b701b12bb14 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCGY4AkYfy57Tnp7JtuVd1ddMMfFIw2eOarm37ad60Q9R9vjXUeAiWlxfl9ZeXUY9Y1F8cnouMEL6tBW%2BBzdEMQLe0Ky7WwxAsG%2FJzacmaCQwz2XgJKcmkLGUYk0gbFMQQWmBR6aHQKQOCLNUX%2Bv8A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67617061cea84315-FRA content-length 43 Redirect headers location https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c4ab6bd6-e3c6-4b80-b14e-9b701b12bb14 date Wed, 28 Jul 2021 22:10:41 GMT content-length 0
GET H2	204	pbsync usermatch.targeting.unrulymedia.com/ Frame D39D	0 50 B	296ms 31ms	Image text/plain	213.19.147.45 RHYTHMONE
General Check archive.org Show headers Download Go to Show image Full URL https://usermatch.targeting.unrulymedia.com/pbsync?rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US), Reverse DNS Software Tengine / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT server Tengine
GET H2	200	setuid sync.quantumdex.io/ Frame D39D Redirect Chain https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D https://sync.quantumdex.io/setuid?bidder=sonobi&uid=f5a3b801-45b0-460c-8185-3b2218ad56ff	43 B 331 B	123ms 121ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sonobi&uid=f5a3b801-45b0-460c-8185-3b2218ad56ff Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEMlnrHpd2i8Q8Zb%2B9ncvCQwYEc4M4lR4ndkysCXsUq8FnMYQFCMzmrNXRmwMoLIH4b%2FwXs0LOMV3VQ%2BCH6vRpemqodUZoLcVxh1zcYf%2FnG3f6w%2Bx5pz7nvuhKdeLNrflsovo%2BzBv%2BzE1Vp0rympSQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 676170621f694315-FRA content-length 43 Redirect headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Location https://sync.quantumdex.io/setuid?bidder=sonobi&uid=f5a3b801-45b0-460c-8185-3b2218ad56ff Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame D39D Redirect Chain https://ms.quantumdex.io/user/sync/quantumdex https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4fbc017-5dca-4809-837b-d9bc043c832a	43 B 466 B	121ms 121ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4fbc017-5dca-4809-837b-d9bc043c832a Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oo0IIRAJG550ewsNf7QS2RkhAz8BCIwjWYKbCEZG5Zh6uo%2BJFDujTOixmk4N9aV3J%2FSj%2BMwzoUkajqsIq4VuRLCZkmTz2%2FgjxxldOYAGyuKiL%2FJLjTzIwocoFgoNg7cF6BLcRDO6G0nKCYiNB5izAg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 676170612d694315-FRA content-length 43 Redirect headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFtLCIC%2FDULqPGU%2FR3YcwpMjcS7uopoKr9Rzjb%2BqIrvj9h%2FgTaA%2BED3kKJPqpmrGQposgrcx%2FUt8r2NTIXeU3gNAYGYe5YZATTJi%2F4uzLbz8eE0jNglF6Yx%2Bb8L2V9u4WarHfSoEALLRGZ3BfYg%3D"}],"group":"cf-nel","max_age":604800} location https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=b4fbc017-5dca-4809-837b-d9bc043c832a cf-ray 676170600abf4315-FRA content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame D39D Redirect Chain https://ups.analytics.yahoo.com/ups/58424/occ https://ups.analytics.yahoo.com/ups/58424/occ?verify=true https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-w7DgxBNE2uEuEH5IWPS8abWgXsJHAwL871yVYl4-~A	43 B 327 B	121ms 121ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-w7DgxBNE2uEuEH5IWPS8abWgXsJHAwL871yVYl4-~A Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUVpGDrHcBE9SlXfc4NxDKd8a2x1TLFgLiBvSvQr4k8xWwUs6yA3yAQ57bQRjVU5LyNRzqlzNuq%2BgGdusi63mDT1kslwl2z6VCdcXpjT%2BjQKWGpNLmlzddd1%2FGAeCeuNqbG927xZe1%2FlvShBLSGpFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67617060bc5f4315-FRA content-length 43 Redirect headers Date Wed, 28 Jul 2021 22:10:41 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-w7DgxBNE2uEuEH5IWPS8abWgXsJHAwL871yVYl4-~A Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame D39D Redirect Chain https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa53fc051-eff0-11eb-bc80-06130483c6b8 https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa53fc051-eff0-11eb-bc80-06130483c6b8	43 B 325 B	127ms 127ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa53fc051-eff0-11eb-bc80-06130483c6b8 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYRfwa6ajoFqH6SmzYuz2rXj2l36rYw76Aw2kFQU7GU7OZu9OgThowldUSzAvtNyHrk9Wa9jnnaq8Uvu7FujJ9359ffWa0qITMbEFvaw%2FrsCE3OLPEjZ%2FBGIPKvVNbSl93iHlUhIwJQtodkDeQkZOA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 67617060ac3b4315-FRA content-length 43 Redirect headers Date Wed, 28 Jul 2021 22:10:41 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPa53fc051-eff0-11eb-bc80-06130483c6b8 Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame D39D Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sovrn&uid=5efb7a4ab5fe2707e2f9c316	43 B 360 B	125ms 124ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sovrn&uid=5efb7a4ab5fe2707e2f9c316 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Fg0ax6tbm3YnOkTGIttTpKLpXOZFCo5zVijg7kvVV1HS50ZdwzjEqpBGdEj4gUV0iExk64X3SBN%2BIq8%2B3TnvsA9kDybOxbVUtg1SZA2MGGZvdvYKRIl4gVN84I2Zl58j%2FrO3TAKsxCND2i8F60tQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 676170603b244315-FRA content-length 43 Redirect headers Date Wed, 28 Jul 2021 22:10:41 GMT Server nginx Location https://sync.quantumdex.io/setuid?bidder=sovrn&uid=5efb7a4ab5fe2707e2f9c316 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 92A6	2 KB 823 B	38ms 37ms	Document text/html	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 , France, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2bb78272a859ca6 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame 48BC	2 KB 3 KB	340ms 80ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 987cc33fb5ee7ade06604f79d703d61c974879f0a0fb7e3a8af8141e82a6574f Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YQHV4Mf2h-z3aqpS.cmebAAA; CMPS=5222; CMPRO=1192; CMST=YQHV4GEB1eAA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Server Apache Content-Type text/html Dropped-Udsids 45|230|241|39|190|221|3|105 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1794 Expires Wed, 28 Jul 2021 22:10:41 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Connection keep-alive Set-Cookie CMID=YQHV4Mf2h-z3aqpS.cmebAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 28 Jul 2022 22:10:41 GMT CMPS=5222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Oct 2021 22:10:41 GMT CMPRO=1192;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Oct 2021 22:10:41 GMT CMRUM3=dd6101d5e12760&276101d5e10b40&f16101d5e105a0&be6101d5e105a0&036101d5e105a0&696101d5e105a0&e66101d5e12760&2d6101d5e105a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 28 Jul 2022 22:10:41 GMT CMST=YQHV4GEB1eEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 29 Jul 2021 22:10:41 GMT
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 9190	14 KB 5 KB	298ms 39ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US cookie KTPCACOOKIE=true; KADUSERCOOKIE=2C7495CF-BCCE-4A7E-94D0-0EDEFF9AF2D7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=41918 expires Thu, 29 Jul 2021 09:49:19 GMT date Wed, 28 Jul 2021 22:10:41 GMT vary Accept-Encoding
GET H/1.1	200 OK	Cookie set uc.html Show response sync.go.sonobi.com/ Frame B428	905 B 2 KB	306ms 27ms	Document text/html	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash b23be76494ce56ee36c9125831ba622172627b24025211bbc33cfe271821b80d Security Headers Name Value X-Xss-Protection 0 Request headers Host sync.go.sonobi.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Date Wed, 28 Jul 2021 22:10:41 GMT Content-Type text/html Transfer-Encoding chunked Expires Sat, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, no-store, private P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Pragma no-cache Tcn Choice Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 X-Xss-Protection 0 Set-Cookie __uqc=1; expires=Thu, 29 Jul 2021 00:10:40 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uis=39dbc767-2b19-4cc2-bd84-d1bb4d5c875d; expires=Fri, 27 Aug 2021 22:10:40 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_td=1; expires=Thu, 29 Jul 2021 22:10:40 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_bw=1; expires=Thu, 29 Jul 2021 06:10:40 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_mm=1; expires=Thu, 12 Aug 2021 22:10:40 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_pp=1; expires=Tue, 10 Aug 2021 22:10:40 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_zt=1; expires=Tue, 10 Aug 2021 22:10:40 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_rx=1; expires=Thu, 12 Aug 2021 22:10:40 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None __uir_eb=1; expires=Tue, 10 Aug 2021 22:10:40 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None HAPLB5S=s57129|YQHV5; path=/; domain=.go.sonobi.com Content-Encoding gzip Server sonobi-go
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame A227	2 KB 3 KB	294ms 45ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8348a453520ac23153ec94703d649b50d852e99147135de00d7504a54aceed19 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://js-sec.indexww.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YQHV4Mf2h-z3aqpS.cmebAAA; CMPS=5222; CMPRO=1192; CMST=YQHV4GEB1eAA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js-sec.indexww.com/ Response headers Server Apache Content-Type text/html Dropped-Udsids 39|230|241|45|41|3|64|81 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1717 Expires Wed, 28 Jul 2021 22:10:41 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Connection keep-alive Set-Cookie CMID=YQHV4Mf2h-z3aqpS.cmebAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 28 Jul 2022 22:10:41 GMT CMPS=5222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Oct 2021 22:10:41 GMT CMPRO=1192;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Oct 2021 22:10:41 GMT CMST=YQHV4GEB1eEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 29 Jul 2021 22:10:41 GMT CMRUM3=276101d5e10b40&406101d5e105a0&296101d5e105a0&f16101d5e105a0&516101d5e105a0&036101d5e105a0&e66101d5e12760&2d6101d5e105a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 28 Jul 2022 22:10:41 GMT
GET H/1.1	200 OK	bounce Show response ib.adnxs.com/ Frame 4B0A Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 807 B	37ms 32ms	Script text/html	185.33.223.178 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT X-Proxy-Origin 185.236.201.227; 185.236.201.227; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid b9e003cc-cc66-4a83-bf41-51415f61558f Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT X-Proxy-Origin 185.236.201.227; 185.236.201.227; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 88411829-b4ef-4b55-8b66-3d72e878689f Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 9190	0 42 B	93ms 25ms	Script text/plain	185.64.189.115 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81674213&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT content-length 0
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame A227	70 B 264 B	134ms 39ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YQHV4Mf2h-z3aqpS.cmebAAA Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 28 Jul 2021 22:10:41 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame A227 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&gdpr_consent=&us_privacy=&gdpr= https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELiwJ1Tzq7cqiQvkP-v7aPE&google_cver=1	43 B 315 B	83ms 81ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELiwJ1Tzq7cqiQvkP-v7aPE&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Wed, 28 Jul 2021 22:10:41 GMT Redirect headers pragma no-cache date Wed, 28 Jul 2021 22:10:41 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELiwJ1Tzq7cqiQvkP-v7aPE&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 342 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame A227 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&dcc=t	43 B 932 B	138ms 137ms	Image image/gif	209.54.177.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:42 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid XVG3CCRTEC1JY836AP23 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 4NHTRGPJ7RTJV0G7F6T3 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame A227 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQHV4Mf2h-z3aqpS.cmebAAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDKRi7LJo5LX-X7Zv9C2wXs&google_cver=1&google_hm=2	43 B 999 B	84ms 43ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDKRi7LJo5LX-X7Zv9C2wXs&google_cver=1&google_hm=2 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 28 Jul 2021 22:10:41 GMT Redirect headers pragma no-cache date Wed, 28 Jul 2021 22:10:41 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDKRi7LJo5LX-X7Zv9C2wXs&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 330 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bridge cm.adgrx.com/ Frame A227	43 B 408 B	96ms 28ms	Image image/gif	72.251.241.196 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software Cowboy / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT server Cowboy P3P CP="NOI OTC OTP OUR NOR" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate, proxy-revalidate Connection keep-alive Content-Type image/gif X-RealServer-NX ams-delivery-5 Content-Length 43 Expires Thu, 23 Sep 2004 17:42:04 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame A227 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=57f96101-d5e1-4c00-89f2-405462dedbeb	43 B 1008 B	122ms 53ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=57f96101-d5e1-4c00-89f2-405462dedbeb Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 28 Jul 2021 22:10:41 GMT Redirect headers Date Wed, 28 Jul 2021 22:10:02 GMT Server MT3 3810 5cb7d7e master cdg-pixel-x14 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=57f96101-d5e1-4c00-89f2-405462dedbeb Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Wed, 28 Jul 2021 22:10:01 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame A227 Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i... https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_i... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348&expiration=1630102241	43 B 1 KB	57ms 56ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348&expiration=1630102241 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:42 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 28 Jul 2021 22:10:42 GMT Redirect headers location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=52bf027f-ef14-4ecb-a66f-01adb1585e65-6101d5e1-4348&expiration=1630102241 date Wed, 28 Jul 2021 22:10:42 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame A227 Redirect Chain https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=niPMO8wnmTuFK5ppzifRPc4mzTmFIskzmCohXcZS	43 B 1 KB	149ms 54ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=niPMO8wnmTuFK5ppzifRPc4mzTmFIskzmCohXcZS Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 28 Jul 2021 22:10:41 GMT Redirect headers pragma no-cache date Wed, 28 Jul 2021 22:10:41 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=niPMO8wnmTuFK5ppzifRPc4mzTmFIskzmCohXcZS cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H/1.1	200 OK	htw-pixel.gif js-sec.indexww.com/ht/ Frame A227	43 B 425 B	52ms 48ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://js-sec.indexww.com/ht/htw-pixel.gif?YQHV4Mf2h-z3aqpS.cmebAAA%261192 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 28 Jul 2021 22:10:41 GMT Last-Modified Tue, 24 Jan 2017 19:36:04 GMT Server Apache ETag "da1f1d-2b-546dc3a097100" P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=3498 Connection keep-alive Accept-Ranges bytes Content-Type image/gif Content-Length 43 Expires Wed, 28 Jul 2021 23:08:59 GMT
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Frame B428 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=4d443a3ea2&gdpr=0&gdpr_consent= https://sync.go.sonobi.com/us.gif?nw=td&nuid=80c406ce-193a-4ac3-b4c1-83a42b09f513&pubid=4d443a3ea2	49 B 927 B	30ms 27ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=td&nuid=80c406ce-193a-4ac3-b4c1-83a42b09f513&pubid=4d443a3ea2 Requested by Host: sync.go.sonobi.com URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.go.sonobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Wed, 28 Jul 2021 22:10:41 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://sync.go.sonobi.com/us.gif?nw=td&nuid=80c406ce-193a-4ac3-b4c1-83a42b09f513&pubid=4d443a3ea2 cache-control private,no-cache, must-revalidate content-type text/html content-length 227
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Frame B428 Redirect Chain https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=6f9d1ddb-408b-495a-a1d6-d650e8d8646f&google_hm=NmY5ZDFkZGItNDA4Yi00OTVhLWExZDYtZDY1MGU4ZDg2NDZm https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEOv8XqoQFhiPNPr3IIcWkPg&google_cver=1&ssp=sonobi&bsw_param=6f9d1ddb-408b-495a-a1d6-d650e8d8646f https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6f9d1ddb-408b-495a-a1d6-d650e8d8646f	49 B 931 B	27ms 26ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6f9d1ddb-408b-495a-a1d6-d650e8d8646f Requested by Host: sync.go.sonobi.com URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.go.sonobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers location //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6f9d1ddb-408b-495a-a1d6-d650e8d8646f date Wed, 28 Jul 2021 22:10:41 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Frame B428 Redirect Chain https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=61bc6101-d5e1-4400-82b8-70ee3d80b8c5	49 B 931 B	28ms 27ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=61bc6101-d5e1-4400-82b8-70ee3d80b8c5 Requested by Host: sync.go.sonobi.com URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.go.sonobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Date Wed, 28 Jul 2021 22:10:02 GMT Server MT3 3810 5cb7d7e master cdg-pixel-x25 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=61bc6101-d5e1-4400-82b8-70ee3d80b8c5 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Wed, 28 Jul 2021 22:10:01 GMT
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Frame B428 Redirect Chain https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=39dbc767-2b19-4cc2-bd84-d1bb4d5c875d&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=ZHZ5WHlmRnBISzhmUHNRaHpOcWd0QQ&gdpr=&gdpr_consent= https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEIVjTl_G3Mbzb1eQ4bZkSEc&google_cver=1 https://sync.go.sonobi.com/us.gif?nw=pp&nuid=TIqOf93RBcv0	49 B 907 B	27ms 25ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=pp&nuid=TIqOf93RBcv0 Requested by Host: sync.go.sonobi.com URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.go.sonobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:42 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" content-language en-US location https://sync.go.sonobi.com/us.gif?nw=pp&nuid=TIqOf93RBcv0 cache-control private, max-age=0, no-cache, no-store cw-server bh-deployment-589cbd599f-kz2vk expires -1
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Frame B428 Redirect Chain https://p.rfihub.com/cm?pub=35683&in=1 https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871316021985262079	49 B 914 B	26ms 26ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871316021985262079 Requested by Host: sync.go.sonobi.com URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.go.sonobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Location https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1871316021985262079 Date Wed, 28 Jul 2021 22:10:41 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	us.gif sync.go.sonobi.com/ Frame B428 Redirect Chain https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=375455470 https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=375455470 https://sync.1rx.io/usersync/tradedesk/a132b6d6-60cb-4291-8866-d11de8be647b https://sync.targeting.unrulymedia.com/csync/RX-0a6cab2c-1746-46a5-863e-1eeac76035a9-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-0a6cab2c-1746-46a5-863e-1ee... https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0a6cab2c-1746-46a5-863e-1eeac76035a9-003	49 B 938 B	30ms 25ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0a6cab2c-1746-46a5-863e-1eeac76035a9-003 Requested by Host: sync.go.sonobi.com URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.go.sonobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers location https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-0a6cab2c-1746-46a5-863e-1eeac76035a9-003 date Wed, 28 Jul 2021 22:10:41 GMT server Tengine p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RX0a6cab2c174646a5863e1eeac76035a9003 content-type text/html
GET H/1.1	200 OK	usg.gif sync.go.sonobi.com/ Frame B428 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MzlkYmM3NjctMmIxOS00Y2MyLWJkODQtZDFiYjRkNWM4NzVk https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm=&google_hm=MzlkYmM3NjctMmIxOS00Y2MyLWJkODQtZDFiYjRkNWM4NzVk&google_tc= https://sync.go.sonobi.com/usg.gif?google_gid=CAESEO4zpjPuRty-7nqsyyVRmFE&google_cver=1	49 B 925 B	27ms 25ms	Image image/gif	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/usg.gif?google_gid=CAESEO4zpjPuRty-7nqsyyVRmFE&google_cver=1 Requested by Host: sync.go.sonobi.com URL: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.go.sonobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type image/gif Content-Length 49 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Wed, 28 Jul 2021 22:10:41 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://sync.go.sonobi.com/usg.gif?google_gid=CAESEO4zpjPuRty-7nqsyyVRmFE&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 288 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 48BC Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQHV4Mf2h-z3aqpS.cmebAAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDKRi7LJo5LX-X7Zv9C2wXs&google_cver=1&google_hm=2	43 B 1 KB	80ms 53ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDKRi7LJo5LX-X7Zv9C2wXs&google_cver=1&google_hm=2 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 28 Jul 2021 22:10:41 GMT Redirect headers pragma no-cache date Wed, 28 Jul 2021 22:10:41 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDKRi7LJo5LX-X7Zv9C2wXs&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 330 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame 48BC Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&gdpr_consent=&us_privacy=&gdpr= https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA_h_wqf4u73TD30z4g8grQ&google_cver=1	43 B 315 B	42ms 40ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA_h_wqf4u73TD30z4g8grQ&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Wed, 28 Jul 2021 22:10:41 GMT Redirect headers pragma no-cache date Wed, 28 Jul 2021 22:10:41 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEA_h_wqf4u73TD30z4g8grQ&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 342 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 48BC Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&dcc=t	43 B 932 B	133ms 133ms	Image image/gif	209.54.177.54 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:42 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid HZHJMV0D9FE0XASPMFYD Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 6H7KPX6YKYA18S78FXPR Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 48BC	70 B 264 B	91ms 39ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YQHV4Mf2h-z3aqpS.cmebAAA Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 28 Jul 2021 22:10:41 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	crum dsum.casalemedia.com/ Frame 48BC Redirect Chain https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3290914281251210568	43 B 991 B	127ms 42ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3290914281251210568 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 28 Jul 2021 22:10:41 GMT Redirect headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT X-Proxy-Origin 185.236.201.227; 185.236.201.227; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 8ced36fd-7042-4c42-81e8-9aed4fa551ff Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3290914281251210568 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	tpid=YQHV4Mf2h-z3aqpS.cmebAAA%261192 bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 48BC Redirect Chain https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YQHV4Mf2h-z3aqpS.cmebAAA%261192?gdpr_consent=&us_privacy=&gdpr= https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQHV4Mf2h-z3aqpS.cmebAAA%261192?gdpr_consent=&us_privacy=&gdpr=	49 B 736 B	57ms 57ms	Image image/gif	52.48.137.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQHV4Mf2h-z3aqpS.cmebAAA%261192?gdpr_consent=&us_privacy=&gdpr= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-48-137-92.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 28 Jul 2021 22:10:42 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.30.17 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Wed, 28 Jul 2021 22:10:42 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQHV4Mf2h-z3aqpS.cmebAAA%261192?gdpr_consent=&us_privacy=&gdpr= cache-control no-cache x-server 10.45.1.173 content-length 0 expires 0
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 48BC Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=09486101-d5e1-4400-9c46-68e25564c37e	43 B 1008 B	110ms 54ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=09486101-d5e1-4400-9c46-68e25564c37e Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:41 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 28 Jul 2021 22:10:41 GMT Redirect headers Date Wed, 28 Jul 2021 22:10:02 GMT Server MT3 3810 5cb7d7e master cdg-pixel-x15 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=09486101-d5e1-4400-9c46-68e25564c37e Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Wed, 28 Jul 2021 22:10:01 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 48BC Redirect Chain https://d.adroll.com/cm/index/ssp https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0	43 B 1 KB	57ms 56ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:42 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 28 Jul 2021 22:10:42 GMT Redirect headers location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0 date Wed, 28 Jul 2021 22:10:42 GMT server nginx/1.20.0 content-length 76
GET H2	200	setuid sync.quantumdex.io/ Frame 48BC	43 B 365 B	125ms 120ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=ix&uid=YQHV4Mf2h_z3aqpS-cmebAAABKgAAAIB Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Jul 2021 22:10:41 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZA3cqlT%2FykDLmwqoEjIsA7XrgkywTAjhdQz0%2FECSQl0CAdwDVd3%2B865treuOzRuu2xP8dQBII8AImAvUyXC6lvW6%2FAeqPe3Mz7%2BX8sPHxEwoNSRLpJpRP%2FkcySIRyIy4nK2wNs831vYcDPwlBvBOIw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 6761706278224315-FRA content-length 43
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 4B0A	0 735 B	33ms 32ms	Script text/html	185.33.223.178 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 28 Jul 2021 22:10:42 GMT X-Proxy-Origin 185.236.201.227; 185.236.201.227; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid ca34304e-1124-4d50-be4c-a97094dc2a0f Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT