ask.fm Open in urlscan Pro
193.138.77.141  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9371.raXden5Pv8IbSEUbEMv93l7H01KwHHQGS6LSdS04o5zHG-olO4sh8zP2CtV9zkly.n4MQ1U6VbTPuDLxgw7a1_cjg4mY%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9371.SaHFyMCwv0DMujOgEjbmIaZBFI69Rz5uAgMGjmb-1VszXG0UN06FjgMCJN9k-VDeas-RTxwUplNEH4-SKCsn2w%2C%2C.5azUu0brLtJ4wdUOM2QgQJVwQhQ%2C

Request Chain 34

• https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Frodmail212&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A768%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A621%3Acn%3A1%3Adp%3A0%3Als%3A1491077795723%3Ahid%3A919121401%3Az%3A120%3Ai%3A202108201501041%3Aet%3A1629465041%3Ac%3A1%3Arn%3A224694019%3Au%3A16294650411004662656%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629465040094%3Ads%3A1%2C345%2C180%2C4%2C0%2C0%2C%2C105%2C7%2C%2C%2C%2C635%3Adsn%3A1%2C345%2C181%2C3%2C0%2C0%2C%2C105%2C7%2C%2C%2C%2C636%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629465041%3At%3AAccount%20Suspended%20-%20Ask.fm HTTP 302
• https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Frodmail212&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A768%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A621%3Acn%3A1%3Adp%3A0%3Als%3A1491077795723%3Ahid%3A919121401%3Az%3A120%3Ai%3A202108201501041%3Aet%3A1629465041%3Ac%3A1%3Arn%3A224694019%3Au%3A16294650411004662656%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629465040094%3Ads%3A1%2C345%2C180%2C4%2C0%2C0%2C%2C105%2C7%2C%2C%2C%2C635%3Adsn%3A1%2C345%2C181%2C3%2C0%2C0%2C%2C105%2C7%2C%2C%2C%2C636%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629465041%3At%3AAccount%20Suspended%20-%20Ask.fm

Request Chain 45

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=nmFO9nwyNTQwcEtqMzNsOHlNWTdEQUptcW50ZjdKcHFMSWM0U0NEWjdnWXJUUDBHcmVkVjhsVVM5aHE0aGJxNE1HQVMzOHRxN1EwMnp1ai8zK3JwOWRPcjdFOWJXYlZ2OTlFU0FHQ1pDSkE1R2piWlh6bEQ3YzRQUGthcld0ZFA0K2x5US9zSmhOb0R4Y3BIcDVyaDZFQU95ZnpVdHY4TE9CNDJ0aW5mZ3dwTVUrUDVsK1lxUUpuWExMOVJrdW44M2RxQ1VrcnhZVzdIVitBNFVEYTdsSTAvVitRPT18&cppv=2

Request Chain 75

• https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
• https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=pubmatic&uid=93CAF91F-E979-4128-B38F-DBA086DC6759

Request Chain 76

• https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
• https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
• https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=index_rtb&uid=YR.p1QTdEnblU2IzOPKGowAA%261136

Request Chain 77

• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a72d4891-075f-480d-8358-d663d3a8c873 HTTP 302
• https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a72d4891-075f-480d-8358-d663d3a8c873&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a72d4891-075f-480d-8358-d663d3a8c873&apid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8 HTTP 302
• https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a72d4891-075f-480d-8358-d663d3a8c873&apid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8&verify=true HTTP 302
• https://prebid.a-mo.net/setuid/verizon_video?uid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8&gdpr=0&gdpr_consent=

Request Chain 78

• https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Da72d4891-075f-480d-8358-d663d3a8c873%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
• https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=appnexus&uid=2318151539258726895

Request Chain 79

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=sovrn&uid=e46024ad4757de0a02a3cf02

Request Chain 85

• https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
• https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 86

• https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-lY10lplE2uHPf5Ka.6OI_e3XKns.HULnPgYrarA-~A

Request Chain 87

• https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
• https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d25bd7a5-6a68-4d79-aed7-447a98693b25

Request Chain 88

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2318151539258726895

Request Chain 89

• https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8 HTTP 302
• https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8&verify=true HTTP 302
• https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8

Request Chain 91

• https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2318151539258726895

Request Chain 92

• https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
• https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=27e8f049-2199-4e53-9ce3-823994b802a9

Request Chain 93

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
• https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e46024ad4757de0a02a3cf02

Request Chain 98

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&dcc=t

Request Chain 99

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YR.p1QTdEnblU2IzOPKGowAA HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YR.p1QTdEnblU2IzOPKGowAA&google_tc= HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPAbiUascQ9kCvljmm_B67E&google_cver=1&gdpr=1&google_hm=2

Request Chain 100

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXA3zSkTnpj_u5KVUceUKw&google_cver=1

Request Chain 103

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632057045

Request Chain 106

• https://um2.eqads.com/um/cs HTTP 302
• https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 108

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN9s1W2XKJsUMHjp92TMwN8&google_cver=1

Request Chain 109

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&dcc=t

Request Chain 110

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YR.p1QTdEnblU2IzOPKGowAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED7KZ9nuevxrpNn3-ygI-3A&google_cver=1&gdpr=1&google_hm=2

Request Chain 111

• https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6501611f-a9d5-4e00-a221-c664ad4438a7&gdpr=1&gdpr_consent=

Request Chain 112

• https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YR.p1QTdEnblU2IzOPKGowAA%261136?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
• https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YR.p1QTdEnblU2IzOPKGowAA%261136?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 114

• https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
• https://um.simpli.fi/no_match_opted_out

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	410 Gone	Primary Request Cookie set rodmail212 Show response ask.fm/	11 KB 13 KB	527ms 180ms	Document text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/rodmail212 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 84ac31f4b3f998031da23724eed29d7a18e7bf49c317eaa1a63ee7187b70f945 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host ask.fm Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Status 410 Gone Cache-Control no-cache X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Date Fri, 20 Aug 2021 13:10:40 GMT Set-Cookie locale=en; path=/; expires=Sat, 20 Aug 2022 19:10:40 -0000 uuid=a09c0758-ae24-42bb-a3b2-58458853c8e1; path=/; expires=Sat, 20 Aug 2022 19:10:40 -0000; secure; HttpOnly country=CZ; path=/; expires=Sat, 20 Aug 2022 19:10:40 -0000 _m_ask_fm_session=TksrQnRXdXNDZVRzbVFMZVd0VkVaQU40RjIyc1dvRFJwQlRoMnk3aSsrNG9TcGNHRXZyV3RKUjR5OG5YNzllcEQ3cDZLbXNiZ0NlNmdKTHpEQjgvMXB5M0hUM2NoaXFsbDM1c1U4ZEw1MGlBZ1crSjlrbWxRakRxNUh6ZSs1b09iZkh3RE1HcXUrcGcrQlhQb1dBelZIUm12eGp6anc2Tm5tdy90OS9iNHpPWW1Cd1ZvL3VneU54aEQyZi9YZjI3Z2VqeVlEam1OMDhtSjd2NU9FcXU1V1ZGbnFPcXo1d044aEhtendlUDM3cmtjcWdOc241VUhPdEFBV1lqamw4TS0tSUFLV3Q1RFJrcWNaRk00NUsvOGsrQT09--9064e39380cbb12d558f119d43229886aac1489f; path=/; expires=Mon, 23 Aug 2021 13:10:40 -0000; secure; HttpOnly Server Ask.FM Web Service Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000
GET H2	200	application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css d3r6ceqp4shltl.cloudfront.net/assets/	184 KB 39 KB	54ms 13ms	Stylesheet text/css	2600:9000:21f3:f800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:f800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 6bf4d1a5ab84231d4d77a7aa49811be50601ad46f93002a7dfc4b29403980787 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:23:34 GMT content-encoding gzip age 175626 x-cache Hit from cloudfront access-control-max-age 3000 content-length 39692 access-control-allow-origin https://ask.fm last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-9b0c" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type text/css via 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 x-amz-cf-id duXoYKr6GA5PLrcGSE5myD5jjKBk64IRoNkxigatVBd4SPEFvNNz-A== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Show response d3r6ceqp4shltl.cloudfront.net/assets/	217 KB 68 KB	54ms 13ms	Script application/javascript	2600:9000:21f3:f800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:f800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:06:37 GMT content-encoding gzip age 176643 x-cache Hit from cloudfront access-control-max-age 3000 content-length 69074 access-control-allow-origin https://ask.fm last-modified Wed, 18 Aug 2021 07:22:53 GMT server Ask.FM Web Service etag "611cb54d-10dd2" strict-transport-security max-age=63072000 access-control-allow-methods GET content-type application/javascript via 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront) cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 x-amz-cf-id 1wKrcoGKj0Vi0DlXosZ7_9Ub7METUVScWK6XejuMygPGALNQjFndcA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	account-suspended.gif d3r6ceqp4shltl.cloudfront.net/images/errors/	380 KB 380 KB	18ms 18ms	Image image/gif	2600:9000:21f3:f800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3r6ceqp4shltl.cloudfront.net/images/errors/account-suspended.gif Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:f800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash b570d38ee9fb9d3c62cdd3395021b23cf0c1b8d6e55aa0f4c31496723a30c202 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 15:38:28 GMT via 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront) age 163932 x-cache Hit from cloudfront content-length 388641 last-modified Wed, 18 Aug 2021 12:19:47 GMT server Ask.FM Web Service etag "611cfae3-5ee21" strict-transport-security max-age=63072000 content-type image/gif cache-control max-age=315360000, public content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id 61o-H5_fZkYoavTsN6caFRqrAw5gw3uSmrMO5SGHw2lVENTdt52oKQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	224 KB 72 KB	152ms 50ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash b09d5ecdad54220ba1e8c42968e912589fbe4f4f18d581f4092cce89cf76d8f1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:40 GMT content-encoding br last-modified Fri, 20 Aug 2021 11:31:50 GMT etag "611f849d-11d3b" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 73019 expires Fri, 20 Aug 2021 14:10:40 GMT
GET H2	200	838377.jpg d16vsmxl4d5tw1.cloudfront.net/a23/c1876/de1c/4f0b/aa13/6d04ab157db3/thumb/	3 KB 4 KB	65ms 21ms	Image image/jpeg	2600:9000:21f3:6200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/a23/c1876/de1c/4f0b/aa13/6d04ab157db3/thumb/838377.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3688245cf8852c5fe9366ce46b2a0e3553a0cc19d1b502a871356ce519191876 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id dPlPW5kzpqYfTgyAZd4w6pcDFhc4NuTI via 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront) last-modified Thu, 25 Jan 2018 13:25:27 GMT server AmazonS3 age 44902 etag "93fbb5ce442e8f6739392ca02b686417" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 00:42:19 GMT x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 3289 x-amz-cf-id sk3CoC8zmEqIdzf5z44pFy54VLCMKqro9Eot9U0Ox4Rf0sIscNVqkw==
GET H2	200	38210.jpg dbq8hrmshvuto.cloudfront.net/b64/92109/913b/4abe/b222/be5a2885968b/thumb/	3 KB 4 KB	67ms 17ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/b64/92109/913b/4abe/b222/be5a2885968b/thumb/38210.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5477788c2f5143c7eb2b7cbec8cc266ab03d53d47121fffd43ff05104d58f64e Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 18:42:26 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Thu, 01 Apr 2021 13:49:15 GMT server AmazonS3 age 66495 etag "5e71409bbd3e8bb2212286ec402ebb81" x-cache Hit from cloudfront x-amz-version-id syVHwuaAxw3WAsQDKulC4Nt_h.JUy5oP x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 3473 x-amz-cf-id iR4Prv-6yCm_1bweYK-qSQ0inuAoTrcL-YP53Jc4sO27yFxWkGa3VQ==
GET H2	200	472318.jpg dbq8hrmshvuto.cloudfront.net/f52/10253/785b/492e/8a6c/e177e641a9e7/thumb/	2 KB 2 KB	68ms 18ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/f52/10253/785b/492e/8a6c/e177e641a9e7/thumb/472318.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 624b1f0d023dbcbd0c4b1bdf21744cdf5dee406872f9cbb1e9a58f1e15125ad2 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id U4ilki4fCSFZrrplmRvd5dY1_0IIs64R via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Tue, 10 Nov 2020 07:12:29 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "31b4fbe983c31374eb6adaf4a6c7b54c" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 13:10:40 GMT accept-ranges bytes content-length 1922 x-amz-cf-id g4YoHx5HS39or_D_IqPIM1tAak6b2JfPK3PIEViqgyGfAYfiLewgtQ==
GET H2	200	13322175_1424426704249490_9031077728617829265_n.jpg dbq8hrmshvuto.cloudfront.net/assets2/164/648/349/952/normal/	38 KB 38 KB	86ms 36ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/164/648/349/952/normal/13322175_1424426704249490_9031077728617829265_n.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 94882debde5d16f44c142cb1644f5a5acdf427b52b3d2e09702a32c4c739ea50 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 10:01:19 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Thu, 14 Jul 2016 20:25:14 GMT server AmazonS3 age 97762 etag "eb6924b9b45ab3cc68e14542f76f5e08" x-cache Hit from cloudfront x-amz-version-id eCyFR9T_I8nCv_V_KV477PhEi5jYoP.h x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 38484 x-amz-cf-id pJ7vXiFcCzRJSKRFXUYZW3xflaroTdBRpJzNTA3QuXncl0v0YI7K8A== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	13808.jpg d16vsmxl4d5tw1.cloudfront.net/68e/58ba4/d133/4648/9c7f/711b54ec2156/thumb/	3 KB 3 KB	66ms 22ms	Image image/jpeg	2600:9000:21f3:6200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/68e/58ba4/d133/4648/9c7f/711b54ec2156/thumb/13808.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2b2b09b5d7f5e5ab0f31c430330f88079d26aadbdd872cf2d19f301749558a12 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id Mj1xJXWbib5s4icjoV9TkEFLaCu81UWg via 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront) last-modified Wed, 23 Oct 2019 06:50:30 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "c2a43c58b578e0606c45ee0fa9a9fb5c" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 13:10:40 GMT accept-ranges bytes content-length 3131 x-amz-cf-id maWWu0LRUWl_UD-RozhsBl-peLzre8tBV1fVa_DwtKdPjjo-39A-gw==
GET H2	200	3246.jpg dbq8hrmshvuto.cloudfront.net/370/20bac/0f8b/4c12/9053/3f3e97e42f18/thumb/	4 KB 4 KB	465ms 416ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/370/20bac/0f8b/4c12/9053/3f3e97e42f18/thumb/3246.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a0b2e0e10a647babf724d9454feaf4f0ba2d415c4d8b657e14508fdd51d6315b Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 7Z_nvTtoY8v_xeHWjWfYm6uVzN.aegTF via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Wed, 09 Jun 2021 18:48:57 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "52157e79e664cf174df2e60625c4556a" x-cache RefreshHit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 13:10:42 GMT accept-ranges bytes content-length 4000 x-amz-cf-id OT6R-Kb_7StzhktobtxZ8hQHZEq9s-Krt11SWTbRJlLPr_beyNcQGw==
GET H2	200	FB_IMG_1464516807789.jpg dbq8hrmshvuto.cloudfront.net/assets2/159/474/697/216/normal/	50 KB 50 KB	69ms 20ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/159/474/697/216/normal/FB_IMG_1464516807789.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 32f825c7ad7f657cfa9e01e7c17e3ca5ad6a1c5b26b2db43383fb0864da77823 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 08 Aug 2021 07:53:33 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Wed, 01 Jun 2016 15:17:25 GMT server AmazonS3 age 1055828 etag "cc2f5031926d73c21dbe3eedb74950b4" x-cache Hit from cloudfront x-amz-version-id rAja5CaAqZ2gLbr9Rc738v1i3byw61Ug x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 50885 x-amz-cf-id WkXoj0I4RdpgGrRjumsufJiS2dijgL36UzBt7Ko4MTc8UU-GPBMdWQ== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	10805614_1565162703729091_8279440105014033641_n.jpg dbq8hrmshvuto.cloudfront.net/assets2/072/484/773/888/normal/	20 KB 20 KB	80ms 31ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/072/484/773/888/normal/10805614_1565162703729091_8279440105014033641_n.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 063eae60da6186cb475568aca91e814347088f9301cffeb1ce285c172a8fab62 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 17:09:10 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Tue, 06 Jan 2015 20:08:17 GMT server AmazonS3 age 158491 etag "87ec25958afb13a12c430c725acf7498" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 20404 x-amz-cf-id Le0mCTYLy9v9f1NwQNczPnVFAMQGU1QlYqilTmT-cq0qBqgnuuPznw== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	64744.jpg dbq8hrmshvuto.cloudfront.net/1d8/d9f1f/e46f/4872/9c0a/15b58da62082/thumb/	2 KB 3 KB	60ms 58ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/1d8/d9f1f/e46f/4872/9c0a/15b58da62082/thumb/64744.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash da88285c61176d8e66b1b28428160e0569db1b1af8f5a0eb6d27db8439e4a169 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id NiSyyh_n27u0HjLF3e5aoUf20HjK30zk via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Fri, 03 Jul 2020 21:57:29 GMT server AmazonS3 age 57910 etag "04495b2c68fb666740eaaa2db1bcaf46" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Thu, 19 Aug 2021 21:05:31 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 2433 x-amz-cf-id FHBTldoYk17X9PtGjuQHCVH0wqUpgcgkz50uTtZGvH2Q7xpegy2dDQ==
GET H2	200	134214.jpg dbq8hrmshvuto.cloudfront.net/e2e/b65af/58f6/4284/9cdd/03fae401c9cc/normal/	44 KB 45 KB	31ms 29ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/e2e/b65af/58f6/4284/9cdd/03fae401c9cc/normal/134214.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c697c12e44d27f32263903a040a5fa6fd9da509e4a90a79cf0969d9a67d8f32b Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id o3d1yjluXSBJ4JLyRfx5VFrCj688wRZL via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Sun, 03 Jul 2016 20:37:39 GMT server AmazonS3 age 40745 etag "f1a872b9fbe90d81456b65da5adfec81" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 01:51:36 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 45496 x-amz-cf-id JW1b0TyOPywN1Yg3FShruNLLY6SUmDpFdGhc0aWVYHOeeFcCswb6vg==
GET H2	200	168399.jpg dbq8hrmshvuto.cloudfront.net/38c/831e3/0e92/4549/bbdb/a0178f4951ca/thumb/	4 KB 4 KB	73ms 71ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/38c/831e3/0e92/4549/bbdb/a0178f4951ca/thumb/168399.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79915b6cc348a70fcd7460ac5e6bf756d2ef884825d588396fed6e64c44d91ae Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 12:18:24 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Mon, 24 Aug 2020 16:23:51 GMT server AmazonS3 age 3137 etag "0b871461131fc3cb2ea33b474427c361" x-cache Hit from cloudfront x-amz-version-id YeSFbvEqW6pXgXoclFsDmklnLafo0hs1 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 3860 x-amz-cf-id pr1A-K9bfvGqnMMNuhqhn2UCb9_tW7OZwwAcyjpSs8wYuWN1tK-AHA==
GET H2	200	58745.jpg dbq8hrmshvuto.cloudfront.net/29d/e82c1/75a3/40dc/8bc9/132f5b90628c/thumb/	3 KB 3 KB	38ms 36ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/29d/e82c1/75a3/40dc/8bc9/132f5b90628c/thumb/58745.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b613b786b7d563cb1f03cd6f0ab3b3ce04ebb27e1934d401f1e7473ab92858ad Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 11:56:07 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Sun, 10 May 2020 15:51:39 GMT server AmazonS3 age 4474 etag "457d4cfd096bc1e35fd7f119dfca2aa1" x-cache Hit from cloudfront x-amz-version-id OwXCWV8FqYwvyDczV0U09EFFtqyhf9UE x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 2941 x-amz-cf-id dW0jk9w_XOjGAyzLsQkzKgKXYNufXQCy-Pfkl8MHJ-EQuutLcZcyUg==
GET H2	200	104976.jpg dbq8hrmshvuto.cloudfront.net/21d/de1b0/46ba/49bf/94b7/75417f3dd225/thumb/	2 KB 3 KB	30ms 28ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/21d/de1b0/46ba/49bf/94b7/75417f3dd225/thumb/104976.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ebebdce52838560c3853a515b5a6ec6e14e751becec199ad03a459914453a0b8 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id PVNZoKMgolvmNRpuzvVS4CASHn0Ws_oH via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Sat, 22 May 2021 20:27:43 GMT server AmazonS3 age 79089 etag "430487d2642e488a2e5c8b64c971e40a" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Thu, 19 Aug 2021 15:12:32 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 2353 x-amz-cf-id FBBSdLcaY7fJbCoOp5ryf1t8eAa-CME9eRQLgdTRuQUf14aQN9dN_g==
GET H2	200	110748.jpg dbq8hrmshvuto.cloudfront.net/a04/261b1/35b3/4c64/9fa7/f2cfd8ed78ac/thumb/	5 KB 5 KB	37ms 35ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/a04/261b1/35b3/4c64/9fa7/f2cfd8ed78ac/thumb/110748.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b4edc3fe1bdb97b36c8afc9a5a54d435ed98cbb8e2aa72a30cfe4b4a4ac6eef4 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 19:09:28 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Sat, 22 May 2021 15:42:19 GMT server AmazonS3 age 64873 etag "f6efc504972e0c840ad376cc315d6ce0" x-cache Hit from cloudfront x-amz-version-id cj8O2jIvOTfyZ7HnlWRQ6m9nmiJ7Cot2 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 4879 x-amz-cf-id GNE4FU48uFw1hcCMrq79Q9ZdRKUH-SaNsbrVWvA1NShk9lllw19upQ==
GET H2	200	145854.jpg d16vsmxl4d5tw1.cloudfront.net/dc2/874b4/23df/4e20/8623/d97be0cef7fe/thumb/	4 KB 5 KB	63ms 22ms	Image image/jpeg	2600:9000:21f3:6200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/dc2/874b4/23df/4e20/8623/d97be0cef7fe/thumb/145854.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c274d03c573422752521fd4985991bd3ad94d2df0928b30f9037fe1a4c44ed25 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 12:18:24 GMT via 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront) last-modified Sat, 04 Nov 2017 21:40:49 GMT server AmazonS3 age 3137 etag "7ae64453874dd57ae930c9a842f6c7f1" x-cache Hit from cloudfront x-amz-version-id ouPHjxgsm4yS97UOhwGsv8j8bzt8zX_8 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type image/jpeg content-length 4395 x-amz-cf-id SY3hefvv5McBMvJAeWA1Sg4G02HMMQM8dbHlbYHtCWAvIBYGKTNPJg==
GET H2	200	3344697.jpg d16vsmxl4d5tw1.cloudfront.net/6d6/7fbcf/98b4/4dd5/ba04/8509d9c9c0ed/thumb/	3 KB 3 KB	17ms 16ms	Image image/jpeg	2600:9000:21f3:6200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/6d6/7fbcf/98b4/4dd5/ba04/8509d9c9c0ed/thumb/3344697.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash eb68431f7dcdc4e63f324a13eac5ef38be04218d9f851a019a6c9cc276105f08 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 12:55:13 GMT via 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront) last-modified Wed, 30 Aug 2017 20:58:44 GMT server AmazonS3 age 928 etag "493464ac9570dc2814ea9f44ec33d46d" x-cache Hit from cloudfront x-amz-version-id SQBD.4Y5Hjz8Uy_XrB3Z_3T6PE1ptRJp x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type image/jpeg content-length 2658 x-amz-cf-id NTymikE7EOw6A_zUY09_CG-4XDZFOkbEeuFjsdAWKCY9sdPXKfaejQ==
GET H2	200	134679.jpg d16vsmxl4d5tw1.cloudfront.net/af6/2c75f/c0ca/4ada/8f08/3d2d43f188ae/thumb/	4 KB 5 KB	19ms 17ms	Image image/jpeg	2600:9000:21f3:6200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/af6/2c75f/c0ca/4ada/8f08/3d2d43f188ae/thumb/134679.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1fb9d7b4a03330166d733576c1c2fd17419329f9a4a4ff42db2d183e1d9a004a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 20:31:22 GMT via 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront) last-modified Thu, 13 Jun 2019 08:49:14 GMT server AmazonS3 age 59959 etag "307fd8c56c54231deb0dc3ed305c5094" x-cache Hit from cloudfront x-amz-version-id fNpn8eBMeax5CSEYdkbGdtqhVX2RFGb7 x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type image/jpeg content-length 4455 x-amz-cf-id 2BYTJ1LNEkxVAzI4o1sUD6GWH4nH7fOQ6bt1q1SOzsKaqm-VPe1DtQ==
GET H2	200	122414.jpg dbq8hrmshvuto.cloudfront.net/649/ba180/49a7/4152/83bd/bbd93bbf12ae/thumb/	3 KB 3 KB	439ms 437ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/649/ba180/49a7/4152/83bd/bbd93bbf12ae/thumb/122414.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dcb23893eb0fb03b8753aa094f76127e059010f2985ff3f089e34294f59ce42d Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:42 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Thu, 05 Aug 2021 04:46:55 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 etag "543f4cb4c282cc2d31847381b41fb71c" x-cache Miss from cloudfront x-amz-version-id Upn0Onq2M_440Q_WzAl0V0teZADGmxvX x-amz-storage-class REDUCED_REDUNDANCY accept-ranges bytes content-type image/jpeg content-length 2672 x-amz-cf-id Dowx6f9U2FLGKq4ggUX8gkNyt7v7seLgv__w0Osv8IzJb1a2KWKCEg==
GET H2	200	file.jpg dbq8hrmshvuto.cloudfront.net/assets2/129/361/556/992/normal/	89 KB 90 KB	70ms 68ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/129/361/556/992/normal/file.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e643ab2c5fa6cf44ca2cb8558bad4f90b32fe957d12966d2f00c48374d5146f5 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 05 Aug 2021 21:45:08 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Wed, 14 Oct 2015 19:10:12 GMT server AmazonS3 age 1265133 etag "b01fc3eefefbf38a5a6d516f09a65967" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 91352 x-amz-cf-id -3FC9zHLdIHR8iEho_adXFcroXpAj3wwmbWbIvTd0Kh5qm3ltX-CJQ== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	102355.jpg d16vsmxl4d5tw1.cloudfront.net/c7a/eb923/20cb/40b0/a0dc/0fea4b7de58e/thumb/	4 KB 4 KB	16ms 14ms	Image image/jpeg	2600:9000:21f3:6200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/c7a/eb923/20cb/40b0/a0dc/0fea4b7de58e/thumb/102355.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 48b08016397bcaad272f9ecf8ffdcd5c1cabd09c81c284ebc8a268b6812d3cf6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 21:44:34 GMT via 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront) last-modified Wed, 07 Aug 2019 14:14:08 GMT server AmazonS3 age 55567 etag "61c21f60e0e263c1f0b053a7b7991179" x-cache Hit from cloudfront x-amz-version-id i2judLW6EQx72_vzXJw8SV_YiQcVnoPM x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type image/jpeg content-length 3811 x-amz-cf-id EoAZPjnK_my1Xncruc85lEED6JtQRmk3aV6sKi3h9enGJ2zmx7_mjg==
GET H2	200	348452.jpg d16vsmxl4d5tw1.cloudfront.net/aa2/0089f/ab1a/42cf/b5eb/7dea1b19c43e/thumb/	1 KB 2 KB	19ms 18ms	Image image/jpeg	2600:9000:21f3:6200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/aa2/0089f/ab1a/42cf/b5eb/7dea1b19c43e/thumb/348452.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6b5447905968e60ff619e858df3e75c351564bc27f0fffc4b42acfca23d7504a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 12:30:10 GMT via 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront) last-modified Thu, 22 Mar 2018 23:42:35 GMT server AmazonS3 age 2431 etag "552dc0aa6153f411389a2542f14a5279" x-cache Hit from cloudfront x-amz-version-id Fa9NGdKqEZw6EwV9YE5_qVp6rfFwh1lH x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C2 accept-ranges bytes content-type image/jpeg content-length 1409 x-amz-cf-id -EOcisQrwXKB1FTyGYSUTTVBdQB1bWvCDNNvz0y1s_VJUUHmiQWV0w==
GET H2	200	107569.jpg d16vsmxl4d5tw1.cloudfront.net/466/9c3b3/3538/41d8/88d9/6fc5da5106d5/thumb/	3 KB 4 KB	18ms 16ms	Image image/jpeg	2600:9000:21f3:6200:13:811c:e440:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d16vsmxl4d5tw1.cloudfront.net/466/9c3b3/3538/41d8/88d9/6fc5da5106d5/thumb/107569.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:6200:13:811c:e440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1f8c20ae069a15648f26bf9671e15b4b8ce05bebb85e5bf9e2ce39921bf8da4a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id rlLom0RP6u.omDdbvZWVATSIX0gzsVt5 via 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront) last-modified Sun, 03 Mar 2019 03:27:18 GMT server AmazonS3 age 10982 etag "e971085349fd56b24b9b10f6cadd02d0" x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY date Fri, 20 Aug 2021 10:07:39 GMT x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 3461 x-amz-cf-id eWt8OsCtgj3mw51qx_x44ZS_YI9jeIlW27gJb5AABCUktJBrYBWx3A==
GET H2	200	avatar.jpg dbq8hrmshvuto.cloudfront.net/assets2/058/892/591/360/normal/	68 KB 69 KB	55ms 54ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/058/892/591/360/normal/avatar.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 81e1a5fde82f5492d264391f603e0273677e901952d496234749de2416a3fa80 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 17:56:43 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Sat, 25 Oct 2014 08:00:00 GMT server AmazonS3 age 155638 etag "e5a18f6c3dfe9a84e978cce342fcbb5b" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 69774 x-amz-cf-id EaRJhbMUkh8vJ44dk9OsZPcZLV3SGvNbn7JrjgZ_zjxA-uf50qyZ1w== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	81611.jpg dbq8hrmshvuto.cloudfront.net/bb8/92b68/86d5/426a/94bd/023a64f716a7/thumb/	3 KB 4 KB	72ms 70ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/bb8/92b68/86d5/426a/94bd/023a64f716a7/thumb/81611.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ca86b3ae79f20a5cd2b7755504c9b8581912251c1c254f28a38d5c0a5c0243f6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 12:53:48 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Tue, 18 May 2021 17:35:46 GMT server AmazonS3 age 1012 etag "9a48f27b437ac1df39c3269d604e02ed" x-cache Hit from cloudfront x-amz-version-id kBtZT76UxID58qdWwxHKbY6A1Ty4zEnl x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 3257 x-amz-cf-id 6Sn8G8Seme-M_JrxUud-4Cu9Ox5BhRRcZQfNdCYlpR0CGVVByr9CGg==
GET H2	200	Giantravenreadytograb236890.jpg dbq8hrmshvuto.cloudfront.net/assets2/142/743/404/544/normal/	124 KB 125 KB	60ms 59ms	Image image/jpeg	2600:9000:20eb:a400:c:d85b:b300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dbq8hrmshvuto.cloudfront.net/assets2/142/743/404/544/normal/Giantravenreadytograb236890.jpg Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:a400:c:d85b:b300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 91091b8174e85461034dc248922ff5abbfc388ce5c847b486df421078919f483 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 17:56:34 GMT via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) last-modified Sat, 09 Jan 2016 12:45:26 GMT server AmazonS3 age 155646 etag "c2f853dc3cb060ee4bc69b497f229b12" x-cache Hit from cloudfront x-amz-version-id null x-amz-storage-class REDUCED_REDUNDANCY x-amz-cf-pop FRA2-C1 accept-ranges bytes content-type image/jpeg content-length 127190 x-amz-cf-id 0NFPa-kAvk2BGz_ETCcP9xVoIxEjClP56suDOo2W3wB-JMFVlF80Tg== expires Mon, 01 Jan 2024 00:00:00 GMT
GET H2	200	fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	17 KB 18 KB	42ms 13ms	Font application/font-woff2	2600:9000:21f3:f800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:f800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 29 Apr 2021 07:03:25 GMT via 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 9785235 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 17880 last-modified Thu, 29 Apr 2021 05:41:49 GMT server Ask.FM Web Service etag "608a471d-45d8" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id H1hN6fTaDsLkihfRz_bo5fpa7Q673NOMjZGqJLEOYskrZ4im2B_zEQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	25 KB 25 KB	42ms 13ms	Font application/font-woff2	2600:9000:21f3:f800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:f800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Feb 2021 11:14:43 GMT via 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 15213357 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 25400 last-modified Wed, 06 Sep 2017 12:36:34 GMT server Ask.FM Web Service etag "59afebd2-6338" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id gEbTsyag4vsB6tFw9RnTOWWhPumMS20GKSEI5MjCRX-6fwaj8ZEi9g== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 d3r6ceqp4shltl.cloudfront.net/assets/	51 KB 52 KB	42ms 13ms	Font application/font-woff2	2600:9000:21f3:f800:11:3771:2e40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2 Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:f800:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 Request headers Origin https://ask.fm Referer https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-de6f8c5d7eae2dfdd63d784e2fc4f103a7793156b2830855e44aee458e94dbb7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 17 Apr 2021 07:55:47 GMT via 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront) vary Accept-Encoding,Origin age 10818893 x-cache Hit from cloudfront strict-transport-security max-age=63072000 content-length 52204 last-modified Wed, 02 Aug 2017 08:00:22 GMT server Ask.FM Web Service etag "59818696-cbec" access-control-max-age 3000 access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin https://ask.fm cache-control public, max-age=315360000, immutable content-security-policy frame-ancestors 'self' https://askfm.adspirit.de x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id fRJZEGSCPLHiTqPV98LT86wEiaEqhGMDyQpmLVfjqRIcMq3mjWsLOA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9371.raXden5Pv8IbSEUbEMv93l7H01KwHHQGS6LSdS04o5zHG-olO4sh8zP2CtV9zkly.n4MQ1U6VbTPuDLxgw7a1_cjg4mY%2C https://mc.yandex.com/sync_cookie_image_decide?token=9371.SaHFyMCwv0DMujOgEjbmIaZBFI69Rz5uAgMGjmb-1VszXG0UN06FjgMCJN9k-VDeas-RTxwUplNEH4-SKCsn2w%2C%2C.5azUu0brLtJ4wdUOM2QgQJVwQhQ%2C	75 B 75 B	54ms 53ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9371.SaHFyMCwv0DMujOgEjbmIaZBFI69Rz5uAgMGjmb-1VszXG0UN06FjgMCJN9k-VDeas-RTxwUplNEH4-SKCsn2w%2C%2C.5azUu0brLtJ4wdUOM2QgQJVwQhQ%2C Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:41 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9371.SaHFyMCwv0DMujOgEjbmIaZBFI69Rz5uAgMGjmb-1VszXG0UN06FjgMCJN9k-VDeas-RTxwUplNEH4-SKCsn2w%2C%2C.5azUu0brLtJ4wdUOM2QgQJVwQhQ%2C date Fri, 20 Aug 2021 13:10:41 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 160 B	52ms 50ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: ask.fm URL: https://ask.fm/rodmail212 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:41 GMT last-modified Fri, 20 Aug 2021 11:31:50 GMT etag "611f849d-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Fri, 20 Aug 2021 14:10:41 GMT
GET H2	200	1 Show response mc.yandex.com/watch/48953915/ Redirect Chain https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Frodmail212&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A768%3Afu%3A0%3Aen%3Autf-8%3Ala... https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Frodmail212&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A768%3Afu%3A0%3Aen%3Autf-8%3A...	368 B 450 B	57ms 57ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Frodmail212&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A768%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A621%3Acn%3A1%3Adp%3A0%3Als%3A1491077795723%3Ahid%3A919121401%3Az%3A120%3Ai%3A202108201501041%3Aet%3A1629465041%3Ac%3A1%3Arn%3A224694019%3Au%3A16294650411004662656%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629465040094%3Ads%3A1%2C345%2C180%2C4%2C0%2C0%2C%2C105%2C7%2C%2C%2C%2C635%3Adsn%3A1%2C345%2C181%2C3%2C0%2C0%2C%2C105%2C7%2C%2C%2C%2C636%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629465041%3At%3AAccount%20Suspended%20-%20Ask.fm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash cadecf9501b03fa11e91f3ae863c53eff05b580a6c2db5e4ac51efa53ed78b42 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:41 GMT x-content-type-options nosniff last-modified Fri, 20-Aug-2021 13:10:41 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 368 x-xss-protection 1; mode=block expires Fri, 20-Aug-2021 13:10:41 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 13:10:41 GMT last-modified Fri, 20-Aug-2021 13:10:41 GMT location /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Frodmail212&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A768%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A621%3Acn%3A1%3Adp%3A0%3Als%3A1491077795723%3Ahid%3A919121401%3Az%3A120%3Ai%3A202108201501041%3Aet%3A1629465041%3Ac%3A1%3Arn%3A224694019%3Au%3A16294650411004662656%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629465040094%3Ads%3A1%2C345%2C180%2C4%2C0%2C0%2C%2C105%2C7%2C%2C%2C%2C635%3Adsn%3A1%2C345%2C181%2C3%2C0%2C0%2C%2C105%2C7%2C%2C%2C%2C636%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629465041%3At%3AAccount%20Suspended%20-%20Ask.fm strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Fri, 20-Aug-2021 13:10:41 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 755bfebe05eb825c226dd35a61f0cc59c64c9f15f3012806ea3c9c49a2b8b8b9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 W1h3WiQ1en4q5cFowEUP2w== cross-origin-resource-policy cross-origin expires Fri, 20 Aug 2021 13:28:32 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1687 x-fb-rlafr 0 x-fb-debug vRA6RlJpGZE0Mpq+sT27bdiBtaKxKt9ZF6apjHKC+9NqVA6RrUAX20aW8gALI3+nzmaDfbwZrjp+hWDOtJ4Fdg== x-fb-trip-id 686109401 x-fb-content-md5 d8245bd7374316768410bdc1ad25931a cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Fri, 20 Aug 2021 13:10:41 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "57f486b2908156f91616d8bcc57bac76" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	gtm.js Show response www.googletagmanager.com/	90 KB 36 KB	22ms 21ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c2e8262d491ec6db694c11f7c816c69a86ff82f67118e4274d07d8ccf89900c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36435 x-xss-protection 0 last-modified Fri, 20 Aug 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 20 Aug 2021 13:10:41 GMT
GET H2	200	3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response cmp.optad360.io/items/	2 B 349 B	57ms 12ms	Script application/javascript	2600:9000:21f3:4000:6:b871:4f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:4000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 12:32:29 GMT via 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront) last-modified Wed, 28 Apr 2021 09:49:58 GMT server AmazonS3 age 2293 etag "99914b932bd37a50b983c5e7c90ae93b" x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-pop FRA2-C2 accept-ranges bytes content-length 2 x-amz-cf-id UaLCFRNJ2C7RFmC-5uph7-mg-2K-cpGcsbudhH7ZTHKQ483gTefpUQ==
GET H2	200	plugin.min.js Show response get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/	222 KB 49 KB	50ms 13ms	Script application/javascript	2600:9000:21f3:2600:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Requested by Host: d3r6ceqp4shltl.cloudfront.net URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-bb85c67f79c2a6a60bc46126e2223a10141b81b2c76ecc4e863052a591d92477.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 523f7c911bad399274fd6b5344f416d976335ea365a709e7400335a1b8a29d59 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 12:13:12 GMT content-encoding gzip last-modified Tue, 17 Aug 2021 15:08:20 GMT server AmazonS3 age 3450 etag W/"4f6443b257506669739f71e2a9030d1b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront) cache-control public, max-age=3600 x-amz-cf-pop FRA2-C2 x-amz-cf-id cWk4xOl1QpdI3eyYD6bEARdLd4Ss2tA1frq6sXcv4J8Jkv-yTw70cA==
GET H3-29	200	sdk.js Show response connect.facebook.net/en_US/	230 KB 67 KB	8ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=c6ba6fb3126a1c83950b1161a60d942b Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ef8a5d0d64d7de8632d485cd1fd0df55b66a3bd6cd47975966ff3640fb0cfe75 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 iLfYxfJ06jrHzYNouFdraw== cross-origin-resource-policy cross-origin expires Sat, 20 Aug 2022 10:54:55 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 68284 x-fb-rlafr 0 x-fb-debug Dv941vFlCQ+RQSWV7aCGFcbDsc6QSSa04SmkECJwBvFOxYlYNYsDDBmbqcJbDPOHBcvnFCQlmqh7OtgghOZypA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 6f248b3e62680d5a4d4897681e898a41 cross-origin-opener-policy same-origin-allow-popups date Fri, 20 Aug 2021 13:10:41 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "f441c5388718cbf2af32577971dd871a" timing-allow-origin * priority u=3,i access-control-expose-headers X-FB-Content-MD5
GET H2	200	/ www.facebook.com/tr/	44 B 251 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Frodmail212&rl=&if=false&ts=1629465041353&sw=1600&sh=1200&at= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:41 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Fri, 20 Aug 2021 13:10:41 GMT
GET H2	200	prebid5.2.0.js Show response get.optad360.io/sf/	437 KB 135 KB	13ms 12ms	Script application/javascript	2600:9000:21f3:2600:11:a4de:2580:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.optad360.io/sf/prebid5.2.0.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a923230515fe265da1f93fcd02d41e37ef4e6bc157358768313d7cb9e5efb7a6 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Aug 2021 00:45:24 GMT content-encoding gzip last-modified Fri, 25 Jun 2021 12:08:33 GMT server AmazonS3 age 908718 etag W/"3f120fb160292782175c18b2de386caf" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront) cache-control public, max-age=360000000 x-amz-cf-pop FRA2-C2 x-amz-cf-id -BVouKXIXl7snA1QxgxVaVw7YOMf2DujLHrSLTIjVqkbdsnB7Uz0Iw==
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	68ms 22ms	Preflight application/json	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 Protocol H2 Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://ask.fm access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1463 date Fri, 20 Aug 2021 13:10:41 GMT content-encoding gzip vary Accept-Encoding
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	112ms 36ms	Preflight	37.157.6.241 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Server 37.157.6.241 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Fri, 20 Aug 2021 13:10:41 GMT content-length 0 cache-control private access-control-allow-origin https://ask.fm access-control-allow-credentials true access-control-allow-methods GET, POST access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With access-control-max-age 86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 1 KB	18ms 6ms	XHR application/json	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210820 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8c044d70ab6ffb1b29c0c798a827d4220981eae1e8cb7339494bafc2aa48cc7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 35866 x-jsd-version 1.0.1074 x-cache HIT cross-origin-resource-policy cross-origin content-length 938 etag W/"69a-nBpt6K70E48JXlB1qGi8uHZJdnc" x-served-by cache-fra19178-FRA x-jsd-version-type version date Fri, 20 Aug 2021 13:10:41 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 https://mug.criteo.com/sid?cpp=nmFO9nwyNTQwcEtqMzNsOHlNWTdEQUptcW50ZjdKcHFMSWM0U0NEWjdnWXJUUDBHcmVkVjhsVVM5aHE0aGJxNE1HQVMzOHRxN1EwMnp1ai8zK3JwOWRPcjdFOWJXYlZ2OTlFU0FHQ1pDSkE1R2piWlh6bEQ3YzRQUGthcl...	326 B 589 B	97ms 35ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=nmFO9nwyNTQwcEtqMzNsOHlNWTdEQUptcW50ZjdKcHFMSWM0U0NEWjdnWXJUUDBHcmVkVjhsVVM5aHE0aGJxNE1HQVMzOHRxN1EwMnp1ai8zK3JwOWRPcjdFOWJXYlZ2OTlFU0FHQ1pDSkE1R2piWlh6bEQ3YzRQUGthcld0ZFA0K2x5US9zSmhOb0R4Y3BIcDVyaDZFQU95ZnpVdHY4TE9CNDJ0aW5mZ3dwTVUrUDVsK1lxUUpuWExMOVJrdW44M2RxQ1VrcnhZVzdIVitBNFVEYTdsSTAvVitRPT18&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 71621b1813f9dcf8088c6ed0110277c468c7243427574cfe86bb8b2e2964a537 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Fri, 20 Aug 2021 13:10:41 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2442 expires 0 Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Fri, 20 Aug 2021 13:10:41 GMT location https://mug.criteo.com/sid?cpp=nmFO9nwyNTQwcEtqMzNsOHlNWTdEQUptcW50ZjdKcHFMSWM0U0NEWjdnWXJUUDBHcmVkVjhsVVM5aHE0aGJxNE1HQVMzOHRxN1EwMnp1ai8zK3JwOWRPcjdFOWJXYlZ2OTlFU0FHQ1pDSkE1R2piWlh6bEQ3YzRQUGthcld0ZFA0K2x5US9zSmhOb0R4Y3BIcDVyaDZFQU95ZnpVdHY4TE9CNDJ0aW5mZ3dwTVUrUDVsK1lxUUpuWExMOVJrdW44M2RxQ1VrcnhZVzdIVitBNFVEYTdsSTAvVitRPT18&cppv=2 access-control-allow-methods GET content-type text/html; charset=utf-8 access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1866 content-length 455 expires 0
POST H2	204	openrtb Show response adx.adform.net/adx/	0 402 B	179ms 109ms	XHR text/plain	37.157.6.241 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.241 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:41 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
POST H2	200	c Show response prebid.a-mo.net/a/	861 B 781 B	385ms 167ms	XHR application/json	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash a4b61a05df1b1a16d59ce522aa349bcf9afe1c656a21f084678b13695cfa46c3 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 20 Aug 2021 13:10:41 GMT content-encoding gzip server envoy vary origin, accept-encoding content-type application/json; charset=utf-8 access-control-allow-origin https://ask.fm cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 58 content-length 357
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	144 B 1 KB	110ms 44ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 358a91412a13aeb7e5d745cb5bd31940cee5443c02df0b7b5f65d8dce9be3a6e Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:41 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 32aff802-6fce-410c-8554-d6ceb857a215 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 144 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	24 B 365 B	89ms 38ms	XHR application/json	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227ee3138f9b6ea5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Frodmail212%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228a1588626dab9a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228a1588626dab9a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228a1588626dab9a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 3f655a17db1e9ab9cf9d36fc107718bd5c35b4bc49c8ab3f0a7f63777519aff2 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:41 GMT content-encoding gzip x-ak-initial-geo CC:[CZ], RC:[], CN:[EU], CIP:[89.187.189.215], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://ask.fm x-cs-client-geo 09 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 44 x-ak-client-geo 09 expires Fri, 20 Aug 2021 13:10:41 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 362 B	91ms 31ms	XHR application/json	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	145 B 1 KB	109ms 46ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 326fb905926cfcc487051d258e8f0cec1f6798ea09ba4f2e928dcc68c3f3e97f Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:41 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 64836ad4-c095-455d-9cc8-086bc7b11dce Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 145 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	apacdex Show response useast.quantumdex.io/auction/	0 620 B	219ms 204ms	XHR text/plain	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://useast.quantumdex.io/auction/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Fri, 20 Aug 2021 13:10:41 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods POST, GET access-control-allow-origin https://ask.fm report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0IU6lPXke1fMiOxc03f0TLUsIf3Y1iWHLSGbRIy9f1ZxCKontf63M5IntwZbvtZ7cb%2FaYJO4GNoCEDTop9UGp8wfpc0sA0R1Ee6Fkvhnsa%2Fo3MIcBFVOx%2BYBq%2F38YWvPDWvuIWxGjmg8RZoBxb8mPuM"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 681bdcfeaebf2b16-FRA
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	98ms 32ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=nmFO9nwyNTQwcEtqMzNsOHlNWTdEQUptcW50ZjdKcHFMSWM0U0NEWjdnWXJUUDBHcmVkVjhsVVM5aHE0aGJxNE1HQVMzOHRxN1EwMnp1ai8zK3JwOWRPcjdFOWJXYlZ2OTlFU0FHQ1pDSkE1R2piWlh6bEQ3YzRQUGthcld0ZFA0K2x5US9zSmhOb0R4Y3BIcDVyaDZFQU95ZnpVdHY4TE9CNDJ0aW5mZ3dwTVUrUDVsK1lxUUpuWExMOVJrdW44M2RxQ1VrcnhZVzdIVitBNFVEYTdsSTAvVitRPT18&cppv=2 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin null User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin null access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1026 date Fri, 20 Aug 2021 13:10:41 GMT content-encoding gzip vary Accept-Encoding
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	99ms 99ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=919121401&page-url=https%3A%2F%2Fask.fm%2Frodmail212&rn=581876542&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629465044%3Aw%3A1600x1200%3Av%3A621%3Az%3A120%3Ai%3A202108201501043%3Au%3A16294650411004662656%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629465044 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:43 GMT last-modified Fri, 20-Aug-2021 13:10:43 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Fri, 20-Aug-2021 13:10:43 GMT
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 73 B	105ms 105ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=919121401&page-url=https%3A%2F%2Fask.fm%2Frodmail212&rn=609841991&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1629465044%3Aw%3A1600x1200%3Av%3A621%3Az%3A120%3Ai%3A202108201501043%3Au%3A16294650411004662656%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629465044 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:43 GMT last-modified Fri, 20-Aug-2021 13:10:43 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Fri, 20-Aug-2021 13:10:43 GMT
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	37ms 37ms	Preflight	37.157.6.241 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Server 37.157.6.241 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://ask.fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx date Fri, 20 Aug 2021 13:10:44 GMT content-length 0 cache-control private access-control-allow-origin https://ask.fm access-control-allow-credentials true access-control-allow-methods GET, POST access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With access-control-max-age 86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	optad360.js Show response serving.stat-rock.com/player/	304 KB 95 KB	122ms 50ms	Script application/javascript	144.76.128.227 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://serving.stat-rock.com/player/optad360.js Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.128.227 Remscheid, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ap16.adplayer.pro Software nginx / Resource Hash 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:44 GMT content-encoding gzip last-modified Fri, 18 Jun 2021 08:28:33 GMT server nginx etag W/"60cc5931-4beb9" vary Accept-Encoding content-type application/javascript cache-control public, max-age=600
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	139 B 811 B	45ms 44ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash d2be780dd4a6eada9f60c5308a4c614caf273fa5aa7bdfc4ddda243651c8a305 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:44 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 35a8aa6c-bed5-4d81-9f71-b20f08b0a3cd Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 139 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	openrtb Show response adx.adform.net/adx/	0 401 B	119ms 119ms	XHR text/plain	37.157.6.241 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.241 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:44 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://ask.fm cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 362 B	47ms 46ms	XHR application/json	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://ask.fm cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	139 B 811 B	35ms 34ms	XHR application/json	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 11576d1eb43962d5db6604d63ac927d584df636e16f60b4477e82474fac75dd0 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:44 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 47c3a0c7-1a17-4c1c-93fd-76ffd3c50d45 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://ask.fm Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 139 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated /	630 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	410 Gone	Cookie set rodmail212 Show response ask.fm/	11 KB 13 KB	168ms 168ms	XHR text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/rodmail212 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash 965bf485a385e8c4c55c6ead4787484a73984680e8120bf478970f6d526e8477 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/rodmail212 Connection keep-alive Referer https://ask.fm/rodmail212 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 20 Aug 2021 13:10:44 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Content-Type text/html; charset=utf-8 Status 410 Gone Cache-Control no-cache Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Sat, 20 Aug 2022 19:10:44 -0000 uuid=b2fe738f-1fb0-46a7-912d-5db0b9563707; path=/; expires=Sat, 20 Aug 2022 19:10:44 -0000; secure; HttpOnly country=CZ; path=/; expires=Sat, 20 Aug 2022 19:10:44 -0000 _m_ask_fm_session=a1dBbGxuaDRFakpwWVRLRHI4SU8yMmVaK0hwZVN6bDZZeVpFbHRacFkvQlBsQkFkTXhyM0VUelgzV3ZWZ2szVDkwVVZuZDlMYjZnWTIyb0RkR0RVZmtEVmh4cjljMmdqckw2cFVOQWY1aFZlMm1qakxZWlN0OUlzbmR0dUhUZ3k5Sml3NC9MV2NmSkVObnFucDhGb0haWnBneTJYWklnRHlsRWZzMDByaHNmenhkNWd2Rk5YVksvNkdpZzVxckZsdDRnMWhIazNJeDdpRUNMdk8rWmZiZnRpSFpJK2lQeHB0c0pGTnM1Z2hrZysrRU5waUJKRTBvU3BuZ09JY3hCbC0tdVc5NGZTY0MxYUxydkV0YlM2S2xCUT09--802bd13f4c7e96636c4df2197e275b8c1ec7ae22; path=/; expires=Mon, 23 Aug 2021 13:10:44 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 163 B	100ms 32ms	Image image/gif	144.76.128.227 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629465044814.6565&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Frodmail212&t=162&v=91&width=400&z=p%3Adf%3Bv%3AinView%3B&r=0.881669122311741 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.128.227 Remscheid, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ap16.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Fri, 20 Aug 2021 13:10:44 GMT srvf 144.76.128.227 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	100ms 33ms	Image image/gif	144.76.128.227 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629465044814.6565&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Frodmail212&t=169&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.17782965827428954 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.128.227 Remscheid, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ap16.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Fri, 20 Aug 2021 13:10:44 GMT srvf 144.76.128.227 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H/1.1	410 Gone	Cookie set rodmail212 Show response ask.fm/	11 KB 12 KB	166ms 166ms	XHR text/html	193.138.77.141 ASK-FM
General Check archive.org Show headers Download Go to Full URL https://ask.fm/rodmail212 Requested by Host: serving.stat-rock.com URL: https://serving.stat-rock.com/player/optad360.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.138.77.141 , Latvia, ASN395754 (ASK-FM, US), Reverse DNS Software Ask.FM Web Service / Resource Hash fb34edbbb443b260df61832ec580fffe6375c3071327f0fad50e6ce5e0470d37 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host ask.fm Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest empty Referer https://ask.fm/rodmail212 Cookie locale=en; uuid=b2fe738f-1fb0-46a7-912d-5db0b9563707; country=CZ; _m_ask_fm_session=a1dBbGxuaDRFakpwWVRLRHI4SU8yMmVaK0hwZVN6bDZZeVpFbHRacFkvQlBsQkFkTXhyM0VUelgzV3ZWZ2szVDkwVVZuZDlMYjZnWTIyb0RkR0RVZmtEVmh4cjljMmdqckw2cFVOQWY1aFZlMm1qakxZWlN0OUlzbmR0dUhUZ3k5Sml3NC9MV2NmSkVObnFucDhGb0haWnBneTJYWklnRHlsRWZzMDByaHNmenhkNWd2Rk5YVksvNkdpZzVxckZsdDRnMWhIazNJeDdpRUNMdk8rWmZiZnRpSFpJK2lQeHB0c0pGTnM1Z2hrZysrRU5waUJKRTBvU3BuZ09JY3hCbC0tdVc5NGZTY0MxYUxydkV0YlM2S2xCUT09--802bd13f4c7e96636c4df2197e275b8c1ec7ae22 Connection keep-alive Referer https://ask.fm/rodmail212 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 20 Aug 2021 13:10:45 GMT X-Content-Type-Options nosniff Server Ask.FM Web Service X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000 Content-Type text/html; charset=utf-8 Status 410 Gone Cache-Control no-cache Transfer-Encoding chunked Content-Security-Policy frame-ancestors 'self' https://askfm.adspirit.de Set-Cookie locale=en; path=/; expires=Sat, 20 Aug 2022 19:10:45 -0000 _m_ask_fm_session=b2hORFhRSW9rQm41RG1ucVgydE1Nc0tJNWN6MXhReFdIbWY1WkR2NHRwWGRWdTIwTUJkbis3ajV3ajJxdTlWcll6dTROQmZXODJ4c1B5bkRQV1JMOUVqWDRCT3hETjlxbHBvWlJhZEd3MTVpNnhpRkRkeE5LSFNoSkE2MktFWUtNQitjbzBnamM3TkJ0dFRxTi82OW1KSVpYRUNyajd5Rm5sU0RSZ3R1RjNJeTV4ZXIwbDdHajZsTXBUMnlWQitSOTBpZWp2WFRBdWFHSndnZ25iVG55TGRBR0RVRW4wd2pzTFpxQy9LSUVxOGpvb2ZiWTZ5NllyT252d2pmRzh4TC0tMkFrWVZ4Z3A4bktVVUszb0dJb2ZRQT09--20bd6f81d9857dfd5b4d3301c87911f5798aea8d; path=/; expires=Mon, 23 Aug 2021 13:10:45 -0000; secure; HttpOnly X-XSS-Protection 1; mode=block
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	34ms 34ms	Image image/gif	144.76.128.227 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1629465044814.6565&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Frodmail212&t=342&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.2765996526439025 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.128.227 Remscheid, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ap16.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Fri, 20 Aug 2021 13:10:45 GMT srvf 144.76.128.227 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 1BC7	2 KB 823 B	30ms 29ms	Document text/html	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1629465044559 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1629465044559 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 2AD3	52 KB 17 KB	92ms 28ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.13.10 Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Fri, 30 Jul 2021 04:43:13 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Fri, 20 Aug 2021 13:10:45 GMT Age 30334 X-Served-By cache-lga21936-LGA, cache-fra19161-FRA X-Cache HIT, HIT X-Cache-Hits 1, 240685 X-Timer S1629465045.175827,VS0,VE0 Vary Accept-Encoding
GET H/1.1	200 OK	ixmatch.html Show response js-sec.indexww.com/um/ Frame E896	2 KB 1 KB	73ms 23ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c Request headers Host js-sec.indexww.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Server Apache Last-Modified Thu, 11 Feb 2021 16:12:45 GMT ETag "e20015-90b-5bb11ca420f07" Accept-Ranges bytes P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Content-Encoding gzip Content-Length 1151 Date Fri, 20 Aug 2021 13:10:45 GMT Connection keep-alive
GET H2	200	apacdex Show response sync.quantumdex.io/usersync/ Frame 7A1E	3 KB 1 KB	157ms 147ms	Document text/html	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sync.quantumdex.io/usersync/apacdex Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c89de468b73bc4fdcf7975e800eee0504784b0e4b497457828afd7c5f9660b5 Request headers :method GET :authority sync.quantumdex.io :scheme https :path /usersync/apacdex pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers date Fri, 20 Aug 2021 13:10:45 GMT content-type text/html set-cookie uid=07b8f933-18fe-4066-89ef-b399fdf1a60a; expires=Thu, 09 Sep 2021 13:10:45 GMT; domain=quantumdex.io; path=/; secure; SameSite=None cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ae38cVSB%2FU7%2B9RAbQNv3Bj4%2Bls5zCGdJNH6CPXPBb7JdUiSmOGVHHyi%2FPXODHY41J4lXVc2u1PLiJE14hrNu7p2J9UivzqKHS5UWwOinyPy1UmKNzWpxfwkd5vksMKWymZBQwOdkCsfEoa4LsQrDFQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 681bdd13e9892b16-FRA content-encoding br
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 922C	52 KB 17 KB	90ms 29ms	Document text/html	151.101.13.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://ask.fm/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers Connection keep-alive Content-Length 17053 Server nginx/1.13.10 Content-Type text/html Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag W/"5fc7ff8f-cf34" Expires Fri, 30 Jul 2021 04:43:13 GMT Cache-Control max-age=86402 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Accept-Ranges bytes Date Fri, 20 Aug 2021 13:10:45 GMT Age 30334 X-Served-By cache-lga21936-LGA, cache-fra19123-FRA X-Cache HIT, HIT X-Cache-Hits 1, 248168 X-Timer S1629465045.175343,VS0,VE0 Vary Accept-Encoding
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 1FFC	2 KB 823 B	30ms 29ms	Document text/html	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1629465041777 Requested by Host: get.optad360.io URL: https://get.optad360.io/sf/prebid5.2.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1629465041777 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ask.fm/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ask.fm/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H2	204	/ onetag-sys.com/usync/	0 52 B	75ms 73ms	Image text/plain	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/usync/?tag=img Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-cache, no-transform
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=pubmatic&uid=93CAF91F-E979-4128-B38F-DBA086DC6759	0 121 B	113ms 113ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=pubmatic&uid=93CAF91F-E979-4128-B38F-DBA086DC6759 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:44 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 4 server envoy vary Accept-Encoding Redirect headers location https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=pubmatic&uid=93CAF91F-E979-4128-B38F-DBA086DC6759 date Fri, 20 Aug 2021 13:10:45 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dindex_rtb%26uid%3D https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=index_rtb&uid=YR.p1QTdEnblU2IzOPKGowAA%261136	0 142 B	115ms 115ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=index_rtb&uid=YR.p1QTdEnblU2IzOPKGowAA%261136 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 4 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=index_rtb&uid=YR.p1QTdEnblU2IzOPKGowAA%261136 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 321 Expires Fri, 20 Aug 2021 13:10:45 GMT
GET H2	204	verizon_video prebid.a-mo.net/setuid/ Redirect Chain https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a72d4891-075f-480d-8358-d663d3a8c873 https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a72d4891-075f-480d-8358-d663d3a8c873&verify=true https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a72d4891-075f-480d-8358-d663d3a8c873&apid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8 https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=a72d4891-075f-480d-8358-d663d3a8c873&apid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8&verify=true https://prebid.a-mo.net/setuid/verizon_video?uid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8&gdpr=0&gdpr_consent=	0 127 B	113ms 113ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid/verizon_video?uid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 3 server envoy vary Accept-Encoding Redirect headers Date Fri, 20 Aug 2021 13:10:45 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://prebid.a-mo.net/setuid/verizon_video?uid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8&gdpr=0&gdpr_consent= Connection keep-alive Content-Length 0
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Da72d4891-075f-480d-8358-d663d3a8c873%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=appnexus&uid=2318151539258726895	0 154 B	110ms 110ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=appnexus&uid=2318151539258726895 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:44 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 2 server envoy vary Accept-Encoding Redirect headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 1efb8487-3c37-4b17-a202-7e75632b89d2 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=appnexus&uid=2318151539258726895 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	setuid prebid.a-mo.net/ Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Da72d4891-075f-480d-8358-d663d3a8c873%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=sovrn&uid=e46024ad4757de0a02a3cf02	0 116 B	114ms 114ms	Image text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=sovrn&uid=e46024ad4757de0a02a3cf02 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:44 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 4 server envoy vary Accept-Encoding Redirect headers Date Fri, 20 Aug 2021 13:10:45 GMT Server nginx Location https://prebid.a-mo.net/setuid?A=a72d4891-075f-480d-8358-d663d3a8c873&D=&bidder=sovrn&uid=e46024ad4757de0a02a3cf02 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap6ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	33ms 32ms	Image image/gif	144.76.128.227 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?id=1629465044814.6565&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Frodmail212&t=514&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.37784636589354914 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.128.227 Remscheid, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ap16.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Fri, 20 Aug 2021 13:10:45 GMT srvf 144.76.128.227 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H2	200	1 serving.stat-rock.com/v1/log/js/	35 B 162 B	33ms 32ms	Image image/gif	144.76.128.227 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://serving.stat-rock.com/v1/log/js/1?d=1&id=1629465044814.6565&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Frodmail212&t=514&v=91&width=400&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.703506216937152 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 144.76.128.227 Remscheid, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ap16.adplayer.pro Software nginx / Resource Hash 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540 Request headers Origin https://ask.fm Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://ask.fm date Fri, 20 Aug 2021 13:10:45 GMT srvf 144.76.128.227 server nginx srvb 127.0.0.1:8082 content-length 35 content-type image/gif
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame D0C4	2 KB 3 KB	85ms 36ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e298d608235d396b56c40a42530f091ca2c0a47cddb8a83adda723a73a5343d0 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://js-sec.indexww.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YR.p1QTdEnblU2IzOPKGowAA; CMPS=5150; CMPRO=1136; CMST=YR+p1WEfqdUA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js-sec.indexww.com/ Response headers Server Apache Content-Type text/html Dropped-Udsids 241|45|230|39|190|64|40|191 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1754 Expires Fri, 20 Aug 2021 13:10:45 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Connection keep-alive Set-Cookie CMID=YR.p1QTdEnblU2IzOPKGowAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 20 Aug 2022 13:10:45 GMT CMPS=5150;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Nov 2021 13:10:45 GMT CMPRO=1136;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Nov 2021 13:10:45 GMT CMRUM3=40611fa9d505a0&f1611fa9d505a0&be611fa9d505a0&2d611fa9d505a0&27611fa9d50b40&bf611fa9d505a0&28611fa9d505a00&e6611fa9d52760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 20 Aug 2022 13:10:45 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 2AD3	0 733 B	37ms 37ms	Script text/html	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid c6f81894-98c4-4d07-8554-5515c63146fb Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 922C	0 733 B	56ms 55ms	Script text/html	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 69202af7-373c-4802-8ea5-fc0af3d5e119 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200	1.gif id5-sync.com/c/495/0/0/ Frame 7A1E Redirect Chain https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=	43 B 1 KB	33ms 33ms	Image image/gif	51.89.42.88 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent= Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.42.88 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS p27.id5-sync.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 20 Aug 2021 13:10:32 GMT Transfer-Encoding chunked Content-Type image/gif;charset=UTF-8 Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR" Redirect headers Location https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent= Date Fri, 20 Aug 2021 13:10:32 GMT Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR"
GET H2	200	setuid sync.quantumdex.io/ Frame 7A1E Redirect Chain https://ups.analytics.yahoo.com/ups/58424/occ https://ups.analytics.yahoo.com/ups/58424/occ?verify=true https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-lY10lplE2uHPf5Ka.6OI_e3XKns.HULnPgYrarA-~A	43 B 480 B	250ms 250ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-lY10lplE2uHPf5Ka.6OI_e3XKns.HULnPgYrarA-~A Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzGmz4VdX4dO%2FUl%2Bujglf7PMjjmDrFIzpqiKy6zfkQTstBleegjtoZisSoJ3csGqiAX%2Bu50ixwIBr1O%2B9apO%2Fo7VCAygyKcv%2F0rBEMio1RvlvN7cP5clczI2JYgDJJqZpNGxaj5HIE9ey0u2QJAwDg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 681bdd161dc62b16-FRA content-length 43 Redirect headers Date Fri, 20 Aug 2021 13:10:45 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-lY10lplE2uHPf5Ka.6OI_e3XKns.HULnPgYrarA-~A Connection keep-alive Content-Length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 7A1E Redirect Chain https://ms.quantumdex.io/user/sync/quantumdex https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d25bd7a5-6a68-4d79-aed7-447a98693b25	43 B 323 B	138ms 138ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d25bd7a5-6a68-4d79-aed7-447a98693b25 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otnqqNmu%2BO7uxwqZyONnHLy2fTrTECdTb0UXDIGLeOXgh4s1WvuuL7nlsKgoZofQ3pLupcR8qobUers6oZ8WJ2DiufbmsT1Vu3wwDMM9qCymGmq2H8YNN2zKU%2BLGyLFY4mkzDxeMrsBm2EnKutsLlw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 681bdd15fda12b16-FRA content-length 43 Redirect headers date Fri, 20 Aug 2021 13:10:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4IQTwjgPCGFw0fcpZGjXkCGx9n3SKr4t0ZZ5LXWMfDDFtgJ85q6WitCKUv2xf%2F0IA4c7y%2BCGWnX5vn9eXIgrt0%2FttwJIAVk9P737H6K0RdAr0og87e9pq5YsUWcXTPihwKevlCiaWJJtOPb8q0%3D"}],"group":"cf-nel","max_age":604800} location https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=d25bd7a5-6a68-4d79-aed7-447a98693b25 cf-ray 681bdd154c232b16-FRA content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 7A1E Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2318151539258726895	43 B 324 B	151ms 150ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2318151539258726895 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FunxmNKdtdWXdpInJkv5heZFNUCkx%2BEeTkndsMrn2c452zI9m6EfVWnWgNbQd7myd6gHOVGIPsi5BbsZQRBcrEgQUh27bjWC6GIpk5he7lsYnd5UwlusUIiL9jOfiwrrirs%2BFBm2vKR6EGmT7ZOScQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 681bdd158cdc2b16-FRA content-length 43 Redirect headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 8be173d6-d455-483f-a73c-06ebc4e36456 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2318151539258726895 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 7A1E Redirect Chain https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8 https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8&verify=true https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8	43 B 360 B	241ms 241ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Bd%2Beam0eDrfg0erRpnYMwkjczoLGHMbwZoq9EtEXI7GrzZDIl2%2BmuqoX7SS0Hnv75yVVGQjbDh%2BDubtv%2BXeX6TGWDOUXq3%2FCIr0XM3OFjsA3notLsPdeL%2BOItbUamLwqZ%2F%2BVeRy2%2BhMN9uyUFLfxg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 681bdd162deb2b16-FRA content-length 43 Redirect headers Date Fri, 20 Aug 2021 13:10:45 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP0773ea3e-01b8-11ec-87e8-06463838ddb8 Connection keep-alive Content-Length 0
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame 7A1E	0 474 B	145ms 34ms	Image text/plain	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 7A1E Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2318151539258726895	43 B 348 B	132ms 131ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2318151539258726895 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHLY%2FKxDC9tAaXd%2FL%2FaQG%2B4Wj9Luy4H2gkXQefVGHL2XZQuOTKHkOtgv9YmnqEBP8jVsLxDvhZMm85%2BcMtoToq1lIdWEgch6eXK59jCwthOL4SdJao3%2FZ%2F9J7huY%2FBKKyEVXD1gMPr3hWyxJ0%2Bu1%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 681bdd158cda2b16-FRA content-length 43 Redirect headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid ccacf9cc-2a9a-42e4-adac-2fdbf0a2511f Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2318151539258726895 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 7A1E Redirect Chain https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=27e8f049-2199-4e53-9ce3-823994b802a9	43 B 324 B	139ms 139ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=27e8f049-2199-4e53-9ce3-823994b802a9 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2KXYM8ucT4vJY2%2FuB70XOIcGDJtIf9UMcFi35ekshkxO4aplTtutBY%2FiC7VX1GS5FwznXgYlu9IyiIZxdX2rumIxrhFdORsDk2jnmVTbCUjLneUXikGPd25JPat%2B6dtWMUshh12yG1Z8gdBNDWirQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 681bdd15fda02b16-FRA content-length 43 Redirect headers location https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=27e8f049-2199-4e53-9ce3-823994b802a9 date Fri, 20 Aug 2021 13:10:45 GMT content-length 0
GET H2	200	setuid sync.quantumdex.io/ Frame 7A1E Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e46024ad4757de0a02a3cf02	43 B 325 B	138ms 137ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e46024ad4757de0a02a3cf02 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://sync.quantumdex.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=en7gm8hLV0gjiXVnbdoIkch9rxcy1RUzlewLU3eBNhNaHHOm%2BnLUnOlj6nLwI9aYUyTCXVrbdxiv5PjN%2FFJ83vviwA8WzfL3jQeb%2BzTeDDXYU8gFdrsUo5eYw7eiG2hbhjJDkeHFQHXgpYKXN0Z6SA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 681bdd158cde2b16-FRA content-length 43 Redirect headers Date Fri, 20 Aug 2021 13:10:45 GMT Server nginx Location https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e46024ad4757de0a02a3cf02 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap6ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 4591	2 KB 823 B	30ms 30ms	Document text/html	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2bb78272a859ca6 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2bb78272a859ca6 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H/1.1	200 OK	Cookie set usermatch Show response ssum-sec.casalemedia.com/ Frame 1CD6	2 KB 3 KB	36ms 33ms	Document text/html	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 9d824f0e593ebeb855466ac1a176f36d21c05974036c2459d1b0c202730c6078 Request headers Host ssum-sec.casalemedia.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie CMID=YR.p1QTdEnblU2IzOPKGowAA; CMPS=5150; CMPRO=1136; CMST=YR+p1WEfqdUA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Server Apache Content-Type text/html Dropped-Udsids 39|230|241|45|3|221|190|90 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Content-Length 1901 Expires Fri, 20 Aug 2021 13:10:45 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Connection keep-alive Set-Cookie CMID=YR.p1QTdEnblU2IzOPKGowAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 20 Aug 2022 13:10:45 GMT CMPS=5150;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Nov 2021 13:10:45 GMT CMPRO=1136;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 18 Nov 2021 13:10:45 GMT CMRUM3=27611fa9d50b40&be611fa9d505a0&2d611fa9d505a0&dd611fa9d52760&e6611fa9d52760&f1611fa9d505a0&5a611fa9d505a0&03611fa9d505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 20 Aug 2022 13:10:45 GMT
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame BCD5	14 KB 5 KB	74ms 24ms	Document text/html	2.18.233.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-180.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://sync.quantumdex.io/ accept-encoding gzip, deflate, br accept-language en-US cookie KTPCACOOKIE=true; KADUSERCOOKIE=93CAF91F-E979-4128-B38F-DBA086DC6759 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=136411 expires Sun, 22 Aug 2021 03:04:16 GMT date Fri, 20 Aug 2021 13:10:45 GMT vary Accept-Encoding
GET H/1.1	200 OK	Cookie set uc.html Show response sync.go.sonobi.com/ Frame 8157	43 B 551 B	135ms 34ms	Document text/html	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2 Requested by Host: sync.quantumdex.io URL: https://sync.quantumdex.io/usersync/apacdex Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25 Security Headers Name Value X-Xss-Protection 0 Request headers Host sync.go.sonobi.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://sync.quantumdex.io/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://sync.quantumdex.io/ Response headers Date Fri, 20 Aug 2021 13:10:45 GMT Content-Type text/html Transfer-Encoding chunked Expires Sat, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, no-store, private P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Pragma no-cache Tcn Choice Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 X-Xss-Protection 0 Content-Encoding gzip Server sonobi-go Set-Cookie HAPLB5S=s579|YR+p2; path=/; domain=.go.sonobi.com
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame D0C4 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&dcc=t	43 B 645 B	122ms 122ms	Image image/gif	209.54.178.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid EH7VF10SWT6DZKT8RZ38 Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid H17D2SZWRTQVG9E12D1Q Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame D0C4 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YR.p1QTdEnblU2IzOPKGowAA https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YR.p1QTdEnblU2IzOPKGowAA&google_tc= https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPAbiUascQ9kCvljmm_B67E&google_cver=1&gdpr=1&google_hm=2	43 B 1 KB	37ms 36ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPAbiUascQ9kCvljmm_B67E&google_cver=1&gdpr=1&google_hm=2 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 20 Aug 2021 13:10:45 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 13:10:45 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPAbiUascQ9kCvljmm_B67E&google_cver=1&gdpr=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 341 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame D0C4 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&gdpr_consent=&us_privacy=&gdpr=1 https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXA3zSkTnpj_u5KVUceUKw&google_cver=1	43 B 315 B	36ms 36ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXA3zSkTnpj_u5KVUceUKw&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Fri, 20 Aug 2021 13:10:45 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 13:10:45 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXA3zSkTnpj_u5KVUceUKw&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame D0C4	70 B 265 B	163ms 52ms	Image image/gif	13.248.242.197 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YR.p1QTdEnblU2IzOPKGowAA&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.242.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:45 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	400 Request failed due to privacy signals	getuid ib.adnxs.com/ Frame D0C4	0 0	34ms 33ms	Image text/html	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D0C4 Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632057045	43 B 997 B	29ms 29ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632057045 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 20 Aug 2021 13:10:45 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 13:10:45 GMT server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632057045 cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H2	200	index dmp.brand-display.com/cm/api/ Frame D0C4	43 B 253 B	214ms 148ms	Image image/gif	35.241.40.233 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 233.40.241.35.bc.googleusercontent.com Software nginx/1.21.1 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:45 GMT via 1.1 google last-modified Fri, 20 Aug 2021 13:10:45 GMT server nginx/1.21.1 content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 alt-svc clear content-length 43 expires Fri, 20 Aug 2021 13:10:46 GMT
GET H/1.1	200 OK	htw-pixel.gif js-sec.indexww.com/ht/ Frame D0C4	43 B 425 B	23ms 23ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://js-sec.indexww.com/ht/htw-pixel.gif?YR.p1QTdEnblU2IzOPKGowAA%261136 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 20 Aug 2021 13:10:45 GMT Last-Modified Tue, 24 Jan 2017 19:36:04 GMT Server Apache ETag "902a3d-2b-546dc3a097100" P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=3342 Connection keep-alive Accept-Ranges bytes Content-Type image/gif Content-Length 43 Expires Fri, 20 Aug 2021 14:06:27 GMT
GET H2	200	cs&eq_cc=1 Show response um2.eqads.com/um/ Frame D0D7 Redirect Chain https://um2.eqads.com/um/cs https://um2.eqads.com/um/cs&eq_cc=1	186 B 370 B	116ms 115ms	Document text/html	18.233.75.25 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://um2.eqads.com/um/cs&eq_cc=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.233.75.25 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-233-75-25.compute-1.amazonaws.com Software / Resource Hash f54a8dcbd2bf3112cced47cf805eed3df74325f616f1d64aec46a0d66ec79589 Request headers :method GET :authority um2.eqads.com :scheme https :path /um/cs&eq_cc=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ssum-sec.casalemedia.com/ accept-encoding gzip, deflate, br accept-language en-US cookie EQUser=UID=b2f3dab3-effd-46ef-8f21-5474d3cf3ce5 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ssum-sec.casalemedia.com/ Response headers date Fri, 20 Aug 2021 13:10:45 GMT content-type text/html; charset=utf-8 content-length 186 cache-control no-cache, must-revalidate expires Sat, 6 May 1995 12:00:00 GMT last-modified Fri, 20 Aug 2021 13:10:45 GMT pragma no-cache Redirect headers date Fri, 20 Aug 2021 13:10:45 GMT content-type text/html; charset=utf-8 content-length 41 location /um/cs&eq_cc=1 set-cookie EQUser=UID=b2f3dab3-effd-46ef-8f21-5474d3cf3ce5; Path=/; Domain=eqads.com; Expires=Sat, 20 Nov 2021 13:10:45 GMT; Secure; SameSite=None
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 1CD6	70 B 264 B	126ms 52ms	Image image/gif	13.248.242.197 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YR.p1QTdEnblU2IzOPKGowAA&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.242.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:45 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	usermatchredir ssum-sec.casalemedia.com/ Frame 1CD6 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&gdpr_consent=&us_privacy=&gdpr=1 https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN9s1W2XKJsUMHjp92TMwN8&google_cver=1	43 B 315 B	27ms 27ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN9s1W2XKJsUMHjp92TMwN8&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Server Apache Vary Is-Traffic-Usersync Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 43 Expires Fri, 20 Aug 2021 13:10:45 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 13:10:45 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN9s1W2XKJsUMHjp92TMwN8&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 343 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 1CD6 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&dcc=t	43 B 645 B	123ms 123ms	Image image/gif	209.54.178.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid XPCWRTTQG709XSXETG8C Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid MSB6G74WMTDPNFBG3R1S Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 1CD6 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YR.p1QTdEnblU2IzOPKGowAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED7KZ9nuevxrpNn3-ygI-3A&google_cver=1&gdpr=1&google_hm=2	43 B 1 KB	60ms 40ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED7KZ9nuevxrpNn3-ygI-3A&google_cver=1&gdpr=1&google_hm=2 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 20 Aug 2021 13:10:45 GMT Redirect headers pragma no-cache date Fri, 20 Aug 2021 13:10:45 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED7KZ9nuevxrpNn3-ygI-3A&google_cver=1&gdpr=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 341 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 1CD6 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6501611f-a9d5-4e00-a221-c664ad4438a7&gdpr=1&gdpr_consent=	43 B 1008 B	36ms 36ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6501611f-a9d5-4e00-a221-c664ad4438a7&gdpr=1&gdpr_consent= Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 20 Aug 2021 13:10:45 GMT Redirect headers Date Fri, 20 Aug 2021 13:10:04 GMT Server MT3 3853 9552a83 master cdg-pixel-x13 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=6501611f-a9d5-4e00-a221-c664ad4438a7&gdpr=1&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Fri, 20 Aug 2021 13:10:03 GMT
GET H2	200	tpid=YR.p1QTdEnblU2IzOPKGowAA%261136 bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 1CD6 Redirect Chain https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YR.p1QTdEnblU2IzOPKGowAA%261136?gdpr_consent=&us_privacy=&gdpr=1 https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YR.p1QTdEnblU2IzOPKGowAA%261136?gdpr_consent=&us_privacy=&gdpr=1	49 B 740 B	62ms 62ms	Image image/gif	52.209.129.133 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YR.p1QTdEnblU2IzOPKGowAA%261136?gdpr_consent=&us_privacy=&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-129-133.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:45 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.15.105 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 20 Aug 2021 13:10:45 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YR.p1QTdEnblU2IzOPKGowAA%261136?gdpr_consent=&us_privacy=&gdpr=1 cache-control no-cache x-server 10.45.16.34 content-length 0 expires 0
GET H/1.1	400 Request failed due to privacy signals	getuid ib.adnxs.com/ Frame 1CD6	0 0	38ms 37ms	Image text/html	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	204	no_match_opted_out um.simpli.fi/ Frame 1CD6 Redirect Chain https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 https://um.simpli.fi/no_match_opted_out	0 272 B	28ms 27ms	Image text/plain	159.253.128.188 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/no_match_opted_out Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US), Reverse DNS bc.80.fd9f.ip4.static.sl-reverse.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 20 Aug 2021 13:10:45 GMT x-content-type-options nosniff access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS Redirect headers date Fri, 20 Aug 2021 13:10:45 GMT x-content-type-options nosniff server nginx location /no_match_opted_out strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 154 expires Thu, 19 Aug 2021 13:10:45 GMT
GET H2	200	setuid sync.quantumdex.io/ Frame 1CD6	43 B 331 B	130ms 129ms	Image image/gif	2606:4700:20::681a:34e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.quantumdex.io/setuid?bidder=ix&uid=YR-p1QTdEnblU2IzOPKGowAABHAAAAIB Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yub6JUVu1I37MvmSv%2FK%2BgAFxv%2F%2Fu1ic5qIVkV7vJGa7lu4zKW3CsYwaLx0oW5mR1kZdNoXzKW%2B79vUAlFQ1cgDVJslJxgRPFH68LubWlTXUT2U%2BcE9gD1JkPTCirWCG8mn3ABMKIKYpejJ%2FpKKssTg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 681bdd15dd652b16-FRA content-length 43
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame BCD5	0 42 B	110ms 34ms	Script text/plain	185.64.189.115 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46539798&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 13:10:45 GMT content-length 0
POST H2	200	48953915 Show response mc.yandex.com/webvisor/	43 B 145 B	202ms 104ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=919121401&page-url=https%3A%2F%2Fask.fm%2Frodmail212&rn=974394270&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629465046%3Aw%3A1600x1200%3Av%3A621%3Az%3A120%3Ai%3A202108201501045%3Au%3A16294650411004662656%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629465046 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://ask.fm/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 20 Aug 2021 13:10:46 GMT last-modified Fri, 20-Aug-2021 13:10:46 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://ask.fm cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Fri, 20-Aug-2021 13:10:46 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame D0D7	43 B 1 KB	35ms 34ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=b2f3dab3-effd-46ef-8f21-5474d3cf3ce5&expiration=1637413845 Requested by Host: um2.eqads.com URL: https://um2.eqads.com/um/cs&eq_cc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://um2.eqads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:45 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 20 Aug 2021 13:10:45 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 2AD3	0 733 B	107ms 42ms	Script text/html	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:46 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid c3b2f7d8-aaeb-4ca9-adaa-cfc2a9449f42 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 922C	0 733 B	136ms 74ms	Script text/html	185.33.221.88 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Aug 2021 13:10:46 GMT X-Proxy-Origin 89.187.189.215; 89.187.189.215; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 16ddb2bf-7024-4ea2-a2fd-70b2e0ea502a Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT