ask.fm Open in urlscan Pro
193.138.77.141 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ask.fm/bagelchard71034
Submission: On August 02 via manual (August 2nd 2021, 10:46:21 am UTC) from US

Summary HTTP 89 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 32 IPs in 11 countries across 36 domains to perform 89 HTTP transactions. The main IP is 193.138.77.141, located in Latvia and belongs to ASK-FM, US. The main domain is ask.fm.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 30th 2020. Valid for: a year.

This is the only time ask.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	193.138.77.141 193.138.77.141	395754 (ASK-FM) (ASK-FM)
9	2600:9000:219... 2600:9000:2190:cc00:11:3771:2e40:21	16509 (AMAZON-02) (AMAZON-02)
3 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:5000:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:2e00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	95.217.231.160 95.217.231.160	24940 (HETZNER-AS) (HETZNER-AS)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
6 10	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
4	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
3	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.2.235 37.157.2.235	198622 (ADFORM) (ADFORM)
1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
1 12	2606:4700:20:... 2606:4700:20::ac43:47f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
5 16	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.157.177.200 35.157.177.200	16509 (AMAZON-02) (AMAZON-02)
3 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	35.158.223.21 35.158.223.21	16509 (AMAZON-02) (AMAZON-02)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	51.75.146.200 51.75.146.200	16276 (OVH) (OVH)
2 2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	3.217.109.237 3.217.109.237	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	3.123.143.157 3.123.143.157	16509 (AMAZON-02) (AMAZON-02)
89	32

4 193.138.77.141 (Latvia)

ASN395754 (ASK-FM, US)

ask.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2190:cc00:11:3771:2e40:21 (United States)

ASN16509 (AMAZON-02, US)

d3r6ceqp4shltl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:5000:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:2e00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.217.231.160 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: ap11.adplayer.pro

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.173.22 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.235 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:47f1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.177.200 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-177-200.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.223.21 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-223-21.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.146.200 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: p11.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.109.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.176.128 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2040 (United States) 2 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-173-220.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.143.157 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	casalemedia.com 5 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	15 KB
12	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	5 KB
11	adnxs.com 6 redirects ib.adnxs.com acdn.adnxs.com	26 KB
9	yandex.com 2 redirects mc.yandex.com	3 KB
9	cloudfront.net d3r6ceqp4shltl.cloudfront.net	234 KB
6	doubleclick.net 6 redirects cm.g.doubleclick.net	1 KB
6	stat-rock.com serving.stat-rock.com	96 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	3 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
4	onetag-sys.com onetag-sys.com	2 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	ask.fm ask.fm	23 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	connectad.io i.connectad.io cdn.connectad.io sync-eu.connectad.io	1 KB
3	optad360.io cmp.optad360.io get.optad360.io	565 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	dotomi.com 2 redirects casale-match.dotomi.com	373 B
2	adsrvr.org match.adsrvr.org	529 B
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	5 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	id5-sync.com 1 redirects id5-sync.com	3 KB
2	sonobi.com sync.go.sonobi.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	674 B
2	indexww.com js-sec.indexww.com	2 KB
2	facebook.net connect.facebook.net	69 KB
2	yandex.ru 1 redirects mc.yandex.ru	72 KB
1	deepintent.com match.deepintent.com	44 B
1	advangelists.com 1 redirects nep.advangelists.com	224 B
1	sharethrough.com 1 redirects match.sharethrough.com	240 B
1	a-mo.net prebid.a-mo.net	371 B
1	adform.net adx.adform.net	449 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	facebook.com www.facebook.com	147 B
1	googletagmanager.com www.googletagmanager.com	36 KB
0	adotmob.com Failed sync.adotmob.com Failed
89	36

	Domain	Requested by
10	sync.quantumdex.io	get.optad360.io sync.quantumdex.io ssum-sec.casalemedia.com
10	ib.adnxs.com	6 redirects get.optad360.io acdn.adnxs.com
9	mc.yandex.com	2 redirects ask.fm mc.yandex.ru
9	d3r6ceqp4shltl.cloudfront.net	ask.fm d3r6ceqp4shltl.cloudfront.net
6	dsum-sec.casalemedia.com	3 redirects ssum-sec.casalemedia.com
6	cm.g.doubleclick.net	6 redirects
6	ssum-sec.casalemedia.com	2 redirects sync.quantumdex.io js-sec.indexww.com ssum-sec.casalemedia.com
6	serving.stat-rock.com	get.optad360.io
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	ups.analytics.yahoo.com	3 redirects ssum-sec.casalemedia.com
4	onetag-sys.com	get.optad360.io sync.quantumdex.io
4	ask.fm	d3r6ceqp4shltl.cloudfront.net serving.stat-rock.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	dsum.casalemedia.com	ssum-sec.casalemedia.com
2	casale-match.dotomi.com	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	ap.lijit.com	2 redirects
2	id5-sync.com	1 redirects sync.quantumdex.io
2	sync.go.sonobi.com	sync.quantumdex.io
2	pixel.advertising.com	2 redirects
2	js-sec.indexww.com	get.optad360.io ssum-sec.casalemedia.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	get.optad360.io	d3r6ceqp4shltl.cloudfront.net get.optad360.io
2	connect.facebook.net	d3r6ceqp4shltl.cloudfront.net connect.facebook.net
2	mc.yandex.ru	1 redirects d3r6ceqp4shltl.cloudfront.net
1	match.deepintent.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.pubmatic.com	sync.quantumdex.io
1	ms.quantumdex.io	1 redirects
1	nep.advangelists.com	1 redirects
1	match.sharethrough.com	1 redirects
1	sync-eu.connectad.io	cdn.connectad.io
1	acdn.adnxs.com	get.optad360.io
1	cdn.connectad.io	get.optad360.io
1	useast.quantumdex.io	get.optad360.io
1	prebid.a-mo.net	get.optad360.io
1	adx.adform.net	get.optad360.io
1	i.connectad.io	get.optad360.io
1	htlb.casalemedia.com	get.optad360.io
1	cdn.jsdelivr.net	get.optad360.io
1	www.facebook.com
1	cmp.optad360.io	d3r6ceqp4shltl.cloudfront.net
1	www.googletagmanager.com	d3r6ceqp4shltl.cloudfront.net
0	sync.adotmob.com Failed	ssum-sec.casalemedia.com
89	47

This site contains links to these domains. Also see Links.

Domain
about.ask.fm
lap78.ask.fm
safety.ask.fm
support.ask.fm
www.facebook.com
instagram.com
twitter.com
vk.com

Subject Issuer	Validity	Valid
*.ask.fm AlphaSSL CA - SHA256 - G2	`2020-07-30` - `2021-09-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
serving.stat-rock.com R3	`2021-06-20` - `2021-09-18`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.a-mo.net R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://ask.fm/bagelchard71034
Frame ID: A004B219086C65F613CFC0ED5B2946AD
Requests: 46 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 87AE35AF1CACB67AD565DA8AE4840B3E
Requests: 11 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: E6779579BD540D8A5041AB0DDAF847C9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6DB718E7AC0EF638CAED828903A6B662
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1627901166387
Frame ID: 627D1D113C6A6077A3FB4655F7863402
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 22EA087B8A58CBA8A562A5F8C190B7B2
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: A6D21BD63701AFCC202AC54DEE657D26
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: CEC458D17BDE890FCB290395E1B5E706
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: F5F580051FDD7590BC48DBD5C2D669B5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 9FF0628C86B10DE056ABF1D2E3D5D294
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 1B8DD24FBD60E2E63DB89CC6EDC0B545
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: C90A9B0BE4658FB886895820371430C4
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

89
Requests

99 %
HTTPS

32 %
IPv6

36
Domains

47
Subdomains

32
IPs

11
Countries

1150 kB
Transfer

2280 kB
Size

8
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://about.ask.fm/cookie-policy/?lang=en
Title: Cookies

Search URL Search Domain Scan URL

URL: https://lap78.ask.fm/goto/50aiCfb4fe-ICCd0hnXw948yvxmD4PeOvwz4oOGvwSvHOhsxGJceLAbwkAsALwpvAxPbMOZE4Dg=
Title: https://www.cashforcarsforrestfield.com.au

Search URL Search Domain Scan URL

URL: https://about.ask.fm/?lang=en
Title: About ASKfm

Search URL Search Domain Scan URL

URL: https://about.ask.fm/terms/?lang=en
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://safety.ask.fm/?lang=en
Title: Safety center

Search URL Search Domain Scan URL

URL: https://about.ask.fm/privacy-policy/?lang=en
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://about.ask.fm/transparency-report/?lang=en
Title: Transparency report

Search URL Search Domain Scan URL

URL: https://support.ask.fm/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.facebook.com/askfmpage

Search URL Search Domain Scan URL

URL: https://instagram.com/askfm

Search URL Search Domain Scan URL

URL: https://twitter.com/askfm

Search URL Search Domain Scan URL

URL: https://vk.com/askfm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9353.b0SI_ElVn_xdRgF-KAStLFbe7zkmMDkrQ8cnCiT28gwMWm1MYQpmn8UPhK9Eu0M8.EyIAZQ81Mnfna8gPXlX3rkammow%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9353.C0GtRK9nw-WbSQ1AbwyEdZ32Q_GRxJif2c0HUfQ8RCeVISIluQGuWGkmdHevPZjn1IlBDGt7sRQhwwSzCck7zw%2C%2C.K8gobvaGyFnKHK1fVZKKX-1aG04%2C

Request Chain 10

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbagelchard71034&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1190%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A1451187743831%3Ahid%3A376183186%3Az%3A120%3Ai%3A20210802124602%3Aet%3A1627901163%3Ac%3A1%3Arn%3A175314890%3Au%3A1627901163272064409%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627901161274%3Ads%3A1%2C384%2C211%2C3%2C1%2C0%2C%2C184%2C326%2C%2C%2C%2C792%3Adsn%3A1%2C384%2C210%2C4%2C1%2C0%2C%2C186%2C327%2C%2C%2C%2C791%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627901163%3At%3Athistedziwmunoz%20(%40bagelchard71034)%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm HTTP 302
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbagelchard71034&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1190%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A1451187743831%3Ahid%3A376183186%3Az%3A120%3Ai%3A20210802124602%3Aet%3A1627901163%3Ac%3A1%3Arn%3A175314890%3Au%3A1627901163272064409%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627901161274%3Ads%3A1%2C384%2C211%2C3%2C1%2C0%2C%2C184%2C326%2C%2C%2C%2C792%3Adsn%3A1%2C384%2C210%2C4%2C1%2C0%2C%2C186%2C327%2C%2C%2C%2C791%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627901163%3At%3Athistedziwmunoz%20%28%40bagelchard71034%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Request Chain 26

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=o2Bn4XxqWXlQT0p5Sk5iUkplWVVUY1NsQnJjWFBZemJhOGplMUFiRTlackJTVFVhTEhnSkNZa3JtdlRPR3hNUm1MQlVIYnNoOUcySSs0em1WOXpISXdBV3kvZzY5M0x2MEZhVmtVZkV6Mk1DWEVJRHRpeFh3VVUrNW1udkdaQkRoL0tCcldtTktPTkZxNDVNdjAvdXR0dzhXRDN2aTNrTkltdWlKeUV2U29qYjB2NXE3M0FSS1BFalZmYmZ4dlZuWTczQy9YbllLUjVkVDU4QjlEZGwvSERHNlhMK0M0eVFLdTJOWDVjVXdKUm5wNi9FPXw&cppv=2

Request Chain 52

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2868822715781843326

Request Chain 53

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd91087d9-f37e-11eb-b96a-02024cce8e0c HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd91087d9-f37e-11eb-b96a-02024cce8e0c

Request Chain 54

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d9be43e2-e7a2-4149-a482-34813af3fea2

Request Chain 56

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 57

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bdd1330f5e004844a3a233aa

Request Chain 58

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Xflpb5VE2uFGAwsOVz..3NS3khCyVaBL293P7dQ-~A

Request Chain 59

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4860921290102001950

Request Chain 60

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-ab2c2771-bf25-4450-ba0b-5bcfa906bece

Request Chain 61

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=658c1a2c-ae95-4e13-aed8-87a4bbacf0f4

Request Chain 62

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 66

https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 67

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQfM8cH8jGx33hXuanairAAAAVMAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQfM8cH8jGx33hXuanairAAAAVMAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFQaVfeQpeaHCoDPUM_EBfc&google_cver=1

Request Chain 71

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8cH8jGx33hXuanairAAAAVMAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8cH8jGx33hXuanairAAAAVMAAAAB&dcc=t

Request Chain 73

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQfM8XXxP50fsiP3xnXrMQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKg0VnVhu-srjEnPSkSadA&google_cver=1&gdpr=1

Request Chain 74

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627987569&gdpr=1

Request Chain 76

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YQfM8cH8jGx33hXuanairAAA%26339?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQfM8cH8jGx33hXuanairAAA%26339?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQfM8XXxP50fsiP3xnXrMQAABz4AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQfM8XXxP50fsiP3xnXrMQAABz4AAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBc4gGPzE0tasB-tJVrdwcQ&google_cver=1

Request Chain 80

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8XXxP50fsiP3xnXrMQAABz4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8XXxP50fsiP3xnXrMQAABz4AAAAB&dcc=t

Request Chain 81

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQfM8XXxP50fsiP3xnXrMQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKg0VnVhu-srjEnPSkSadA&google_cver=1&gdpr=1

Request Chain 83

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6811875701309360555&uid=Q6811875701309360555&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 85

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627987569&gdpr=1

Request Chain 86

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=86FdjCWw1Mavsv5&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=86FdjCWw1Mavsv5&gdpr=1&C=1

Request Chain 88

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

89 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set bagelchard71034 Show response
ask.fm/ 16 KB
6 KB 599ms
211ms Document
text/html 193.138.77.141
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/bagelchard71034

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.141 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

20febe583cb2a23f617c4d52313a8ca381e2b166b2a2bac90e6ad426f92eb309

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: ask.fm
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
ETag: W/"eba7e70d0de04bc0a054559e5b7fd641"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Date: Mon, 02 Aug 2021 10:46:01 GMT
Set-Cookie: locale=en; path=/; expires=Tue, 02 Aug 2022 16:46:01 -0000 uuid=04b8f842-716a-461a-a712-a814bea559b0; path=/; expires=Tue, 02 Aug 2022 16:46:01 -0000; secure; HttpOnly country=DK; path=/; expires=Tue, 02 Aug 2022 16:46:01 -0000 traffic_source=organic; path=/; expires=Wed, 04 Aug 2021 10:46:01 -0000 _m_ask_fm_session=L0g3RFpkNU5kWGxlZ2xiL0U0Yy9YNW9VR2pFekwwYkRwalA1OGNZcTM2bjdLVTlRQ1Z0aGxXSXRxaS9QL1hEajJzNWM1S2tYMWQxeU1YNk9PRTdsZ0NEMUZYMzFiOHJVWFoxTzJHNmVYTHdtcGducEZQakhmWWRZMURQUE5QbTQyQ3ppS3p3cXQ4eXJyVGVYNURLd1M2YnpxOHpOck1acWhvU1ljUm5XNDBMajJOZDAxQldHQkpZSHNxRlhCMG5aRWFCeUNZdm95dlErU3J1L2RNZisxUWpNV2JBQUJIMkNWTEpSY3o3dVAyV0xzVWY4Y05TaFBiUXhjQmNrSXg5cS0tU1JxRi9wVW4zck5kSTk5dVI0VzdHZz09--e79a06ae5fb216367db0f464eddab5dd39bc5939; path=/; expires=Thu, 05 Aug 2021 10:46:01 -0000; secure; HttpOnly
Server: Ask.FM Web Service
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000

GET
H2 200 application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css
d3r6ceqp4shltl.cloudfront.net/assets/ 179 KB
39 KB 72ms
15ms Stylesheet
text/css 2600:9000:2190:cc00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css

Requested by

Host: ask.fm
URL: https://ask.fm/bagelchard71034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:cc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

91bda5e2d381a6cf32cae9ff35027dd135e620acccfc1873295285f436e58808

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:05:54 GMT
content-encoding: gzip
age: 250807
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 39006
access-control-allow-origin: https://ask.fm
last-modified: Wed, 28 Jul 2021 10:28:25 GMT
server: Ask.FM Web Service
etag: "61013149-985e"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: text/css
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: z1yJjr84EktZiwgbEhKrFfuXubK3v9Gyi4_Hlj9UIWA76vk-XVLJpQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js Show response
d3r6ceqp4shltl.cloudfront.net/assets/ 215 KB
68 KB 82ms
25ms Script
application/javascript 2600:9000:2190:cc00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Requested by

Host: ask.fm
URL: https://ask.fm/bagelchard71034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:cc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:38:20 GMT
content-encoding: gzip
age: 5951261
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 68515
access-control-allow-origin: https://ask.fm
last-modified: Mon, 24 May 2021 13:24:40 GMT
server: Ask.FM Web Service
etag: "60aba918-10ba3"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: I_v8M2N5EVHYTJKK6xbaiFqFog8KQYcGhfupLBOrFC6QTBHAKPb3og==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png
d3r6ceqp4shltl.cloudfront.net/assets/ 24 KB
24 KB 13ms
13ms Image
image/png 2600:9000:2190:cc00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/profile-bg-853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7.png

Requested by

Host: ask.fm
URL: https://ask.fm/bagelchard71034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:cc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 01:11:32 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
age: 4440869
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 24239
last-modified: Wed, 27 Sep 2017 12:11:28 GMT
server: Ask.FM Web Service
etag: "59cb9570-5eaf"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: Pkzg8BDTQrHUGSUsYqd6KQBwMdve3f6RgcJvHEo5bRt0rVLZ48mJvw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 224 KB
71 KB 141ms
46ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

70f9104f32191ca7f434f01af2eb5e6cb3f126788c4868874c1336c0f6cd2929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:02 GMT
content-encoding: br
last-modified: Thu, 29 Jul 2021 13:16:44 GMT
etag: "61029ac0-11be7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72679
expires: Mon, 02 Aug 2021 11:46:02 GMT

GET
H2 200 noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png
d3r6ceqp4shltl.cloudfront.net/assets/ 956 B
1 KB 13ms
12ms Image
image/png 2600:9000:2190:cc00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/noAvatar-c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399.png

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:cc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:15:13 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
age: 13649449
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 956
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-3bc"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: tRooxlDOVdNrga6lxUg0rCeX1moaieIqG8AFm-AS8iH-otCtHL0x7A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 17 KB
18 KB 45ms
18ms Font
application/font-woff2 2600:9000:2190:cc00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/fontello-4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:cc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 07:03:25 GMT
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 8221357
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 17880
last-modified: Thu, 29 Apr 2021 05:41:49 GMT
server: Ask.FM Web Service
etag: "608a471d-45d8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: BH55QUIv2qznUyLWf1lCLAUHD4R1oDtYidb1OZC1IL6nMhV1d8RMGA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 25 KB
25 KB 53ms
26ms Font
application/font-woff2 2600:9000:2190:cc00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanova-semibold-41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:cc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:43 GMT
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 13649479
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 25400
last-modified: Wed, 06 Sep 2017 12:36:34 GMT
server: Ask.FM Web Service
etag: "59afebd2-6338"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: blLHEnjWKhZsTbmCDsiAU3VoHPsiA_t51emgdorx6u9aAF0WhJbkKA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2
d3r6ceqp4shltl.cloudfront.net/assets/ 51 KB
52 KB 55ms
30ms Font
application/font-woff2 2600:9000:2190:cc00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/proximanovareg-98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f.woff2

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:cc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://ask.fm
Referer: https://d3r6ceqp4shltl.cloudfront.net/assets/application_ltr-4d11292337a744daa241ad119908bb989b3437648f64fd5074f0260cc6cd44c6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:43 GMT
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin
age: 13649479
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000
content-length: 52204
last-modified: Wed, 02 Aug 2017 08:00:22 GMT
server: Ask.FM Web Service
etag: "59818696-cbec"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 7lqpmj4rumqZhNO3H65VecwfXj1UvuM11FYIukDwBNxHJcDb65DpRQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9353.b0SI_ElVn_xdRgF-KAStLFbe7zkmMDkrQ8cnCiT28gwMWm1MYQpmn8UPhK9Eu0M8.EyIAZQ81Mnfna8gPXlX3rkammow%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9353.C0GtRK9nw-WbSQ1AbwyEdZ32Q_GRxJif2c0HUfQ8RCeVISIluQGuWGkmdHevPZjn1IlBDGt7sRQhwwSzCck7zw%2C%2C.K8gobvaGyFnKHK1fVZKKX-1aG04%2C

75 B
75 B

47ms
46ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9353.C0GtRK9nw-WbSQ1AbwyEdZ32Q_GRxJif2c0HUfQ8RCeVISIluQGuWGkmdHevPZjn1IlBDGt7sRQhwwSzCck7zw%2C%2C.K8gobvaGyFnKHK1fVZKKX-1aG04%2C

Requested by

Host: ask.fm
URL: https://ask.fm/bagelchard71034

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:02 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9353.C0GtRK9nw-WbSQ1AbwyEdZ32Q_GRxJif2c0HUfQ8RCeVISIluQGuWGkmdHevPZjn1IlBDGt7sRQhwwSzCck7zw%2C%2C.K8gobvaGyFnKHK1fVZKKX-1aG04%2C
date: Mon, 02 Aug 2021 10:46:02 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
111 B 48ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ask.fm
URL: https://ask.fm/bagelchard71034

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:02 GMT
last-modified: Thu, 29 Jul 2021 13:16:44 GMT
etag: "61029ac0-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 02 Aug 2021 11:46:02 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/48953915/
Redirect Chain

https://mc.yandex.com/watch/48953915?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbagelchard71034&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1190%3Afu%3A0%3Aen%3Autf-8...
https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbagelchard71034&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1190%3Afu%3A0%3Aen%3Autf...

368 B
450 B

45ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbagelchard71034&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1190%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A1451187743831%3Ahid%3A376183186%3Az%3A120%3Ai%3A20210802124602%3Aet%3A1627901163%3Ac%3A1%3Arn%3A175314890%3Au%3A1627901163272064409%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627901161274%3Ads%3A1%2C384%2C211%2C3%2C1%2C0%2C%2C184%2C326%2C%2C%2C%2C792%3Adsn%3A1%2C384%2C210%2C4%2C1%2C0%2C%2C186%2C327%2C%2C%2C%2C791%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627901163%3At%3Athistedziwmunoz%20%28%40bagelchard71034%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

66edeaea54905149f6b210ded0028955591b3623cc0ca0da4f9487d23e0ea7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 02-Aug-2021 10:46:02 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 368
x-xss-protection: 1; mode=block
expires: Mon, 02-Aug-2021 10:46:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:02 GMT
last-modified: Mon, 02-Aug-2021 10:46:02 GMT
location: /watch/48953915/1?wmode=7&page-url=https%3A%2F%2Fask.fm%2Fbagelchard71034&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A1190%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A608%3Acn%3A1%3Adp%3A0%3Als%3A1451187743831%3Ahid%3A376183186%3Az%3A120%3Ai%3A20210802124602%3Aet%3A1627901163%3Ac%3A1%3Arn%3A175314890%3Au%3A1627901163272064409%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627901161274%3Ads%3A1%2C384%2C211%2C3%2C1%2C0%2C%2C184%2C326%2C%2C%2C%2C792%3Adsn%3A1%2C384%2C210%2C4%2C1%2C0%2C%2C186%2C327%2C%2C%2C%2C791%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627901163%3At%3Athistedziwmunoz%20%28%40bagelchard71034%29%20%E2%80%94%20Ask%20me%20anything%20%7C%20ASKfm
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 02-Aug-2021 10:46:02 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ebd1d73b47070634d01446d439db12e0da34de7243dbbeb378f3564b2d8a15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: B/kGxf6uz/fGEm463c4EmQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: Eu+e+B6I8urSCxdik6M3HBqsYPiTMu/e1IbJ6PoPPffwIKSPOSdZYV2fJAY0BBB8QK3Qc4rEoFsMO8Y1wLsnbQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 8a30c93f1915c7c1cd34895a3cf7b2c9
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 02 Aug 2021 10:46:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "cfa475f3ddc8dab3ddf9c182579bd10f"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 02 Aug 2021 10:52:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
36 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDJVZHZ

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f7603e550c8e6b1c5558c705e40c5af41e5801900b657521810fd80b1e973e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36274
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 02 Aug 2021 10:46:02 GMT

GET
H2 200 3eb3366e-65c3-4a24-90f5-0026136a4131.min.js Show response
cmp.optad360.io/items/ 2 B
361 B 95ms
9ms Script
application/javascript 2600:9000:2190:5000:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/3eb3366e-65c3-4a24-90f5-0026136a4131.min.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:22:42 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 09:49:58 GMT
server: AmazonS3
age: 1401
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 2
x-amz-cf-id: 9jz97i9TXD1T7IGQ3HjhIKdkaY41h6gxzvXK-kdu6tpspJSAUmc_Eg==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/ 274 KB
72 KB 60ms
12ms Script
application/javascript 2600:9000:206f:2e00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Requested by: Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f56ad273e0204eb8d21346d7116686e717353c0864546a4e66a72b581e594a75

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:18:46 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 07:03:23 GMT
server: AmazonS3
age: 1637
etag: W/"5736885227fcd00664fbd8eea334a4cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: chHirt5bMsOWez54OMvHQQI9Grk0_Whs2vRuHR6KNowCAhVCZ5AjIQ==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 232 KB
68 KB 12ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8f39fb2de4d7e6e30a54d2c09b783244

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c99ae4d1bea4c395749b197ec45efa645ce1586815ca8280a60a35367ed88bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VJi9vgmmbz4pHIUaD0Vryw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69083
x-fb-rlafr: 0
x-fb-debug: OrO5cpqQM/6sGErzxcBdPEWC761YLGgpcGsWmwa5bV7kb7RYFk2w9kdjBIitj2x397iaMnavBkeXNmy4xrxTig==
x-fb-content-md5: aa34d70cf54860b7fbc4663d4b632841
x-frame-options: DENY
date: Mon, 02 Aug 2021 10:46:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "6b4af7a12437c12dac0aaed8cb589a03"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 02 Aug 2022 09:50:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=129215213762342&ev=fb_page_view&dl=https%3A%2F%2Fask.fm%2Fbagelchard71034&rl=&if=false&ts=1627901162956&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 02 Aug 2021 10:46:02 GMT

GET
H2 200 prebid4.39.0.js Show response
get.optad360.io/sf/ 492 KB
493 KB 13ms
13ms Script
application/javascript 2600:9000:206f:2e00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.39.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 10:27:34 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 10:44:35 GMT
server: AmazonS3
age: 3025110
etag: "e020700f5effdce1f4be56434553da72"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 503605
x-amz-cf-id: 4NJIVctHGiuE3wiwakKxm-dBGW8wwefVrFeZJrkKgxARyyQrWYWcHQ==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 22ms
7ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210802

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

852c7c6ef95540307f675837c58d3fa9d1f1aace84e35a69a0190f3a5422bd32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 27347
x-jsd-version: 1.0.1056
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 951
etag: W/"699-73cco/kHZPTohNNMo7bkWkvHAZw"
x-served-by: cache-fra19146-FRA
x-jsd-version-type: version
date: Mon, 02 Aug 2021 10:46:03 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK Cookie set conversion Show response
ask.fm/signup/ 10 KB
4 KB 159ms
159ms XHR
text/html 193.138.77.141
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/signup/conversion

Requested by

Host: d3r6ceqp4shltl.cloudfront.net
URL: https://d3r6ceqp4shltl.cloudfront.net/assets/application-89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.141 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

45d4e6a4c530d2a348585ded6e0649e885207776f12e9d748b6d9499d07004e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: locale=en; uuid=04b8f842-716a-461a-a712-a814bea559b0; country=DK; traffic_source=organic; _m_ask_fm_session=L0g3RFpkNU5kWGxlZ2xiL0U0Yy9YNW9VR2pFekwwYkRwalA1OGNZcTM2bjdLVTlRQ1Z0aGxXSXRxaS9QL1hEajJzNWM1S2tYMWQxeU1YNk9PRTdsZ0NEMUZYMzFiOHJVWFoxTzJHNmVYTHdtcGducEZQakhmWWRZMURQUE5QbTQyQ3ppS3p3cXQ4eXJyVGVYNURLd1M2YnpxOHpOck1acWhvU1ljUm5XNDBMajJOZDAxQldHQkpZSHNxRlhCMG5aRWFCeUNZdm95dlErU3J1L2RNZisxUWpNV2JBQUJIMkNWTEpSY3o3dVAyV0xzVWY4Y05TaFBiUXhjQmNrSXg5cS0tU1JxRi9wVW4zck5kSTk5dVI0VzdHZz09--e79a06ae5fb216367db0f464eddab5dd39bc5939; _ym_uid=1627901163272064409; _ym_d=1627901163; _ym_isad=2; _ym_visorc=w
Connection: keep-alive
Referer: https://ask.fm/bagelchard71034
Accept: */*
Referer: https://ask.fm/bagelchard71034
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Aug 2021 10:46:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"f9f4494df9ccf1de34aa94ca60e3499f"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Tue, 02 Aug 2022 16:46:04 -0000 tutm=utm_medium%3Dconversion_desktop_default_63; path=/; expires=Wed, 04 Aug 2021 10:46:04 -0000 _m_ask_fm_session=akZQTzFPbTQ2ellrV2VZVzhQQjY1VVZYMHJPT0hheWo1aVhSd3ZURXlCNllsVEJvV1ZmOXQ0WW1QWFl1S0NLS252anVkT2JtZTgwRndaenZCZFJQQzJhdkZHT0JHL05JSzdqVW4yZmdxUjJldURYR09JQ1JFMVp1b0dlMzFZdjBYaGtSZ3NOQWxkV283aHFWeVRDYTNuc2M1akdZQURuNGttN1E3Y1BSR21WVFNuZ0JoTzVFUmhPYnNjWUUzTkFnQkFqYXBpZnpjMnJHdEI1RytCMXAxRVNhcnJpRCsrRkxCNmlCdkVTQ3o1Q0JwY29ha0tDcCtpamF3MHBjazNqNXRaTVRUOFhINU1RNXEvTU1wcjhHREdzZGVvK0RVWTU0NWNud2QvYjNGQ2M9LS04VzhybVhqa0RwazJzZytESGNBK0NBPT0%3D--395accd01c16266aa706816679b2dfd94c09a95a; path=/; expires=Thu, 05 Aug 2021 10:46:04 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png
d3r6ceqp4shltl.cloudfront.net/assets/ 2 KB
3 KB 13ms
13ms Image
image/png 2600:9000:2190:cc00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/button_app_store-3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08.png

Requested by

Host: ask.fm
URL: https://ask.fm/bagelchard71034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:cc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:15:05 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
age: 13649458
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 2309
last-modified: Wed, 28 Oct 2020 11:38:17 GMT
server: Ask.FM Web Service
etag: "5f995829-905"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: VhJuSgC3MXJoZkyo_v1DpFeMXdgS4cAqyhcI34UaTurzNPZEcH5eKA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png
d3r6ceqp4shltl.cloudfront.net/assets/ 3 KB
4 KB 14ms
13ms Image
image/png 2600:9000:2190:cc00:11:3771:2e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3r6ceqp4shltl.cloudfront.net/assets/button_google_play-467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999.png

Requested by

Host: ask.fm
URL: https://ask.fm/bagelchard71034

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:cc00:11:3771:2e40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 11:14:52 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
age: 13649472
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 3404
last-modified: Wed, 28 Oct 2020 11:38:17 GMT
server: Ask.FM Web Service
etag: "5f995829-d4c"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: https://ask.fm
cache-control: public, max-age=315360000, immutable
content-security-policy: frame-ancestors 'self' https://askfm.adspirit.de
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: SzJGZHc4NAEQ28QvpKB1QWi85BHZt-D52doGfw2iqaCZUeE2jx1hTw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
73 B 135ms
134ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=376183186&page-url=https%3A%2F%2Fask.fm%2Fbagelchard71034&rn=727095873&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627901166%3Aw%3A1600x1200%3Av%3A608%3Az%3A120%3Ai%3A20210802124605%3Au%3A1627901163272064409%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627901166

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:05 GMT
last-modified: Mon, 02-Aug-2021 10:46:05 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02-Aug-2021 10:46:05 GMT

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 130ms
130ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=1&wv-hit=376183186&page-url=https%3A%2F%2Fask.fm%2Fbagelchard71034&rn=99411136&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1627901166%3Aw%3A1600x1200%3Av%3A608%3Az%3A120%3Ai%3A20210802124605%3Au%3A1627901163272064409%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627901166

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:05 GMT
last-modified: Mon, 02-Aug-2021 10:46:05 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02-Aug-2021 10:46:05 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 61ms
16ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://ask.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ask.fm
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1401
date: Mon, 02 Aug 2021 10:46:05 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 optad360.js Show response
serving.stat-rock.com/player/ 304 KB
95 KB 153ms
47ms Script
application/javascript 95.217.231.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/player/optad360.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/477093ba-acef-11e8-a82b-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap11.adplayer.pro
Software: nginx /
Resource Hash: 3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:06 GMT
content-encoding: gzip
last-modified: Fri, 18 Jun 2021 08:28:33 GMT
server: nginx
etag: W/"60cc5931-4beb9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fask.fm%2F&domain=ask.fm&cw=1
https://mug.criteo.com/sid?cpp=o2Bn4XxqWXlQT0p5Sk5iUkplWVVUY1NsQnJjWFBZemJhOGplMUFiRTlackJTVFVhTEhnSkNZa3JtdlRPR3hNUm1MQlVIYnNoOUcySSs0em1WOXpISXdBV3kvZzY5M0x2MEZhVmtVZkV6Mk1DWEVJRHRpeFh3VVUrNW1udk...

331 B
589 B

152ms
58ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=o2Bn4XxqWXlQT0p5Sk5iUkplWVVUY1NsQnJjWFBZemJhOGplMUFiRTlackJTVFVhTEhnSkNZa3JtdlRPR3hNUm1MQlVIYnNoOUcySSs0em1WOXpISXdBV3kvZzY5M0x2MEZhVmtVZkV6Mk1DWEVJRHRpeFh3VVUrNW1udkdaQkRoL0tCcldtTktPTkZxNDVNdjAvdXR0dzhXRDN2aTNrTkltdWlKeUV2U29qYjB2NXE3M0FSS1BFalZmYmZ4dlZuWTczQy9YbllLUjVkVDU4QjlEZGwvSERHNlhMK0M0eVFLdTJOWDVjVXdKUm5wNi9FPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b4d41a3ea8d68b6345c05e0679a4a9ccb6d4edd35e008d72d4c21db95e021683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 02 Aug 2021 10:46:05 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2096
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 02 Aug 2021 10:46:06 GMT
location: https://mug.criteo.com/sid?cpp=o2Bn4XxqWXlQT0p5Sk5iUkplWVVUY1NsQnJjWFBZemJhOGplMUFiRTlackJTVFVhTEhnSkNZa3JtdlRPR3hNUm1MQlVIYnNoOUcySSs0em1WOXpISXdBV3kvZzY5M0x2MEZhVmtVZkV6Mk1DWEVJRHRpeFh3VVUrNW1udkdaQkRoL0tCcldtTktPTkZxNDVNdjAvdXR0dzhXRDN2aTNrTkltdWlKeUV2U29qYjB2NXE3M0FSS1BFalZmYmZ4dlZuWTczQy9YbllLUjVkVDU4QjlEZGwvSERHNlhMK0M0eVFLdTJOWDVjVXdKUm5wNi9FPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2108
content-length: 482
expires: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
365 B 161ms
71ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=425272&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221328cf5d51d633%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fask.fm%2Fbagelchard71034%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223f11eb03f6ae6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223f11eb03f6ae6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22750x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223f11eb03f6ae6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22425272%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bc2a25d72ba454ec22b0970fe517e75b4a5447d1ae2e82fe2858c49998a1d8a7

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:06 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DK], RC:[], CN:[EU], CIP:[37.120.194.221], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ask.fm
x-cs-client-geo: 10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 10
expires: Mon, 02 Aug 2021 10:46:06 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 260 B
1 KB 141ms
62ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ea7f6fbe0940238ee31146d14df07b15e668e0efa440900070e663a98b7451ff

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:06 GMT
X-Proxy-Origin: 37.120.194.221; 37.120.194.221; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: bbc5d515-2365-4c6a-b225-d23897fc5e04
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 259 B
1 KB 149ms
72ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d3fecd9cd6838b1e49ade94842e328d26ed087a372244537b5b61507c6e53e57

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:06 GMT
X-Proxy-Origin: 37.120.194.221; 37.120.194.221; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fdf6590e-331d-41fc-b99f-f6cadef154fa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ask.fm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 259
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 145ms
48ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ask.fm
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
359 B 86ms
54ms XHR
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Aug 2021 10:46:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://ask.fm
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6786b8711ed996aa-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 / Show response
adx.adform.net/adx/ 10 B
449 B 234ms
150ms XHR
application/json 37.157.2.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTg2NTI1MyZ0cmFuc2FjdGlvbklkPWM2OTAzOTBiLTg5YmItNGQxNy1hYjExLTJlOTkxMWJiMDc2YyZyY3VyPVBMTg%3D%3D&bWlkPTgwMjYyMCZ0cmFuc2FjdGlvbklkPTU3YWU4MTU1LWNhYTEtNDFkMC05MjYyLTRhMGRjMmM3YzhiZSZyY3VyPVBMTg%3D%3D&pt=gross&stid=998bc68b-cdd9-491d-b2ac-992460ba821e&gdpr=0&gdpr_consent=undefined&fd=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:06 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ask.fm
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 10
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
371 B 323ms
110ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ask.fm
date: Mon, 02 Aug 2021 10:46:05 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
609 B 199ms
171ms XHR
text/plain 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Aug 2021 10:46:06 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ask.fm
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0TOo8A3L2lQjz5XZl3y8NXwAlo0Dczsxk6ymhMsQl40rEmealcPsuq66HcrfTdhyMnrAq3uSndX7DhL9rtQVh7DErlvR8IMY%2FVDhNvriFT2LAhU5T%2FA1y8%2FDozCCwq5L%2Bv13V%2B1nhVS%2Fh77TFJzi4Q4"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6786b87128ed05b7-FRA

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 147ms
51ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1294
date: Mon, 02 Aug 2021 10:46:05 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Cookie set bagelchard71034 Show response
ask.fm/ 16 KB
6 KB 221ms
221ms XHR
text/html 193.138.77.141
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/bagelchard71034

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.141 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

1053ed3b1bbb74cf97f3b3f448728797c80c93783658b69728702f20e4c4f48d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://ask.fm/bagelchard71034
Cookie: _pbjs_userid_consent_data=6683316680106290; cto_bidid=3l051F8lMkZ3JTJCYzA4diUyQkJnQkJSV1lBVzJlWHJNblVEdzZ1bURwNjZWQnRWV2NqZWc1WVYlMkZwRzVBVE9iRjVSUTE3aVBVQzNUZ2dDaktXbTAyc1BXJTJCSEhaSDh0R0ElM0QlM0Q; cto_bundle=8ThbtV9vNFVVODhZQyUyRlZhekhma2NnamElMkZobGpWUkQwT09tUVlOZGxyWmNtSWw3JTJGblhzRG1kdGtuVGRoNXB4SyUyRk1IRDNxVzFBRGU5S1VJV0tybVk5ZHNMMllNdkR6aVNFb1JQcm03cjkwZ3VYYWt3JTNE
Connection: keep-alive
Referer: https://ask.fm/bagelchard71034
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Aug 2021 10:46:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"887138318df83a4dd85fe6c61f88ab08"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Tue, 02 Aug 2022 16:46:06 -0000 uuid=f58b6930-2342-4b65-90a5-0cadbfe10a47; path=/; expires=Tue, 02 Aug 2022 16:46:06 -0000; secure; HttpOnly country=DK; path=/; expires=Tue, 02 Aug 2022 16:46:06 -0000 traffic_source=internal; path=/; expires=Wed, 04 Aug 2021 10:46:07 -0000 _m_ask_fm_session=aDF3UUg5clNYTWpzcXdXQlNQVnd4SGJTS3pJVW9KamJkSkdrYXFPVktzbW9yQTcrZnhRL3lJNHBma2QrRUtwbDlUdjNMbHdVd2NtY3g1UWVuQzdsdS9FbFBBUmZWdE14TUJMK290Y01TV0VucmZFZm5SSGlZQlFReG5pYWhTUnVERUFuR0FFZXN1d0NrVjdCeG8rSVVkL1hoUjZmQjdxUEg0ZDNTcnVQTHFlTFJzZ2d1VUpEdlpZSDNDOTg2Mm4wYk9jaUdSVjlTV0ZqSHRmNXk4YnpiRXVvczBmWE1OK01CRzlYYXBoaGNRdlNKZzVoZy9oYlZqaGRUNkQxOXA4US0tcHp1VE5MYlluYVJTRktzNXNmeWZHQT09--b2566cea44e12c21f0142ee315c7f3af445ca172; path=/; expires=Thu, 05 Aug 2021 10:46:07 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
163 B 166ms
48ms Image
image/gif 95.217.231.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1627901166833.4146&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbagelchard71034&t=415&v=91&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.6742080527492729
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap11.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Mon, 02 Aug 2021 10:46:07 GMT
srvf: 95.217.231.160
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 167ms
48ms Image
image/gif 95.217.231.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1627901166833.4146&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbagelchard71034&t=426&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.4459639406762548
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap11.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Mon, 02 Aug 2021 10:46:07 GMT
srvf: 95.217.231.160
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK Cookie set bagelchard71034 Show response
ask.fm/ 16 KB
6 KB 195ms
194ms XHR
text/html 193.138.77.141
ASK-FM

General

Check archive.org

Show headers Download Go to

Full URL

https://ask.fm/bagelchard71034

Requested by

Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.138.77.141 , Latvia, ASN395754 (ASK-FM, US),

Reverse DNS

Software

Ask.FM Web Service /

Resource Hash

5aa6f80a1c0ea58684bbb5b6b6cd11cfb924006200b4ad8ef1fd339035cd1366

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: ask.fm
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://ask.fm/bagelchard71034
Cookie: _pbjs_userid_consent_data=6683316680106290; cto_bidid=3l051F8lMkZ3JTJCYzA4diUyQkJnQkJSV1lBVzJlWHJNblVEdzZ1bURwNjZWQnRWV2NqZWc1WVYlMkZwRzVBVE9iRjVSUTE3aVBVQzNUZ2dDaktXbTAyc1BXJTJCSEhaSDh0R0ElM0QlM0Q; cto_bundle=8ThbtV9vNFVVODhZQyUyRlZhekhma2NnamElMkZobGpWUkQwT09tUVlOZGxyWmNtSWw3JTJGblhzRG1kdGtuVGRoNXB4SyUyRk1IRDNxVzFBRGU5S1VJV0tybVk5ZHNMMllNdkR6aVNFb1JQcm03cjkwZ3VYYWt3JTNE; locale=en; uuid=f58b6930-2342-4b65-90a5-0cadbfe10a47; country=DK; traffic_source=internal; _m_ask_fm_session=aDF3UUg5clNYTWpzcXdXQlNQVnd4SGJTS3pJVW9KamJkSkdrYXFPVktzbW9yQTcrZnhRL3lJNHBma2QrRUtwbDlUdjNMbHdVd2NtY3g1UWVuQzdsdS9FbFBBUmZWdE14TUJMK290Y01TV0VucmZFZm5SSGlZQlFReG5pYWhTUnVERUFuR0FFZXN1d0NrVjdCeG8rSVVkL1hoUjZmQjdxUEg0ZDNTcnVQTHFlTFJzZ2d1VUpEdlpZSDNDOTg2Mm4wYk9jaUdSVjlTV0ZqSHRmNXk4YnpiRXVvczBmWE1OK01CRzlYYXBoaGNRdlNKZzVoZy9oYlZqaGRUNkQxOXA4US0tcHp1VE5MYlluYVJTRktzNXNmeWZHQT09--b2566cea44e12c21f0142ee315c7f3af445ca172
Connection: keep-alive
Referer: https://ask.fm/bagelchard71034
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Aug 2021 10:46:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Ask.FM Web Service
ETag: W/"6c4ef76c7a9289c023418ce1ca2fba40"
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Status: 200 OK
Set-Cookie: locale=en; path=/; expires=Tue, 02 Aug 2022 16:46:07 -0000 _m_ask_fm_session=QjlkMmhsT3JSVlNSZUhKWVQ4YWo2c0RHcWdKUzNMRHduSVFCbjE2cDNhaDB4ZEpkVHM2UVdhVDZHZ3QrcXRCeTByM1VrYjFNRHJRSkZMdUZIT3IyQS9SR3BhYytpanoxRmZXOFdlVmF2ckpOOUNPT01INllZTXlGamdyN1BxYjdTcTMxcnp1WllxOFdQdXhhRzFYL0x1RjNHWXBHTDg3STBWWHpydXBLemtTMkJiQlRNeDh5V3JncGQ2bTViVkpTZ3RhQWFjOWU5NkFhRThXN0lwMUtjeGlvVnNKdWovRW96YTFBWW4rUmI3cXNoWG5TbmZEbU0wT2RhcU5aZjBLKy0tSkgwWTRmRXlaVHREQ1E1djM1ajhpdz09--bc63ebe0c1b374c7cd42c83f1d0d5490f47f94bb; path=/; expires=Thu, 05 Aug 2021 10:46:07 -0000; secure; HttpOnly
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Content-Security-Policy: frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security: max-age=63072000
X-XSS-Protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 48ms
48ms Image
image/gif 95.217.231.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1627901166833.4146&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbagelchard71034&t=651&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.7398598567346304
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap11.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Mon, 02 Aug 2021 10:46:07 GMT
srvf: 95.217.231.160
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 48ms
48ms Image
image/gif 95.217.231.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1627901166833.4146&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbagelchard71034&t=850&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.3876612201353402
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap11.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Mon, 02 Aug 2021 10:46:07 GMT
srvf: 95.217.231.160
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
162 B 48ms
48ms Image
image/gif 95.217.231.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?d=1&id=1627901166833.4146&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fask.fm%2Fbagelchard71034&t=850&v=91&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.6474174838076108
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.217.231.160 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap11.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://ask.fm
Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ask.fm
date: Mon, 02 Aug 2021 10:46:07 GMT
srvf: 95.217.231.160
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
145 B 131ms
44ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=2&wv-hit=376183186&page-url=https%3A%2F%2Fask.fm%2Fbagelchard71034&rn=130927341&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627901168%3Aw%3A1600x1200%3Av%3A608%3Az%3A120%3Ai%3A20210802124607%3Au%3A1627901163272064409%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627901168

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:07 GMT
last-modified: Mon, 02-Aug-2021 10:46:07 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02-Aug-2021 10:46:07 GMT

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame 87AE 3 KB
1 KB 130ms
127ms Document
text/html 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95dfbb5a79a7f340398f30c90fd0d05992509535e3e268d7614f31184401e4d

Request headers

:method: GET
:authority: sync.quantumdex.io
:scheme: https
:path: /usersync/apacdex
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

date: Mon, 02 Aug 2021 10:46:09 GMT
content-type: text/html
set-cookie: uid=be7b9aaf-9188-4acb-bf41-6d9795535297; expires=Sun, 22 Aug 2021 10:46:09 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPEevZmagL3ZlKQIQN1ekn0bIGPzlvl8t3uzSsFtak1gO6Wd1HexGQFlGFQLdXwssGDq8yWnU1cJMWPVdWhgGoScp7EcynM%2FTWSclFwqiL%2BsmxqImp7IZz082s49n%2Bj8ZrY9mqYTaBUcpofq5bTYBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6786b885cd2205b7-FRA
content-encoding: br

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame E677 1 KB
749 B 55ms
53ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

date: Mon, 02 Aug 2021 10:46:09 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6786b885c9ac96aa-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6DB7 52 KB
17 KB 113ms
36ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 02 Aug 2021 10:46:09 GMT
Age: 21770
X-Served-By: cache-lga13624-LGA, cache-fra19152-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 201878
X-Timer: S1627901170.660607,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 627D 2 KB
823 B 42ms
42ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1627901166387

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1627901166387
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ask.fm/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 22EA 2 KB
1 KB 124ms
43ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ask.fm/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ask.fm/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 02 Aug 2021 10:46:09 GMT
Connection: keep-alive

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 43ms
42ms Image
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame A6D2 0
0 23ms
21ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: sync-eu.connectad.io
:scheme: https
:path: /syncer/1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.connectad.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cadsync
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.connectad.io/

Response headers

date: Mon, 02 Aug 2021 10:46:09 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6786b88629f796aa-FRA

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87AE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2868822715781843326

43 B
326 B

135ms
130ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2868822715781843326
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FfZnAM6OQrxv6fTbORi12fC2TDA3Z9OCS1DELLaT5QtPMIrX03Ihv14ZCCCSa5Xfi%2BGNgDQv5EuGOgVhaaJcflDTOcstM2Ply2%2BCWR1jVd10Q8D%2BUErAE1M7eh45P6V315O87rGwbcdgz3LgxNdIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6786b887791a05b7-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:09 GMT
X-Proxy-Origin: 37.120.194.221; 37.120.194.221; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f63b2340-6521-45d9-b9a5-1c2f0125a7c1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2868822715781843326
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87AE
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd91087d9-f37e-11eb-b96a-02024cce8e0c
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd91087d9-f37e-11eb-b96a-02024cce8e0c

43 B
326 B

128ms
128ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd91087d9-f37e-11eb-b96a-02024cce8e0c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:10 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8DjGBb2IA6A6sMpRaoYjO8CJdPU3ztKEyiVMVunaj4cvqv1RtRNth0WsWq7m%2B843jgP1BG3Wu7AIoLbmPxo7az%2FzUTGO324i6l1kn9mIU3h%2FSKYE%2B2ESshIqGDiU3dTIKxWK1l3MIgSJCcjR4sxjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6786b8881aaf05b7-FRA
content-length: 43

Redirect headers

Date: Mon, 02 Aug 2021 10:46:09 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd91087d9-f37e-11eb-b96a-02024cce8e0c
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87AE
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d9be43e2-e7a2-4149-a482-34813af3fea2

43 B
324 B

139ms
138ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d9be43e2-e7a2-4149-a482-34813af3fea2
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiteCOO7zlmZkE0DD3ahWDh8W3lLqn8LOeoLQRW1aBn%2FG0QxrNFWrgBWuzHr7snhpmVzXTu5%2FN6YuNfHsBw2WgQVyn2DfPbgta%2BulWFliCA%2B9WaWcMRC6Fceou7Kfnel8UpnrVisZzbf3JJv6Vgdcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6786b887790805b7-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d9be43e2-e7a2-4149-a482-34813af3fea2
date: Mon, 02 Aug 2021 10:46:09 GMT
content-length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 87AE 0
474 B 159ms
37ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:09 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame 87AE
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

58ms
57ms

Image
image/gif

51.75.146.200
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.200 , France, ASN16276 (OVH, FR),

Reverse DNS

p11.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Aug 2021 10:46:09 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Mon, 02 Aug 2021 10:46:09 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87AE
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bdd1330f5e004844a3a233aa

43 B
347 B

149ms
140ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bdd1330f5e004844a3a233aa
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:10 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Anpt3WviHjS8f7pMvU4ciUt6FMcODedl0K1PpJt%2F8gtkEYMGLjmFIElQImHxuDA3rxY%2B5aTEbqud7T6FUS1zU5ovoefDs4GTJurSaXxhHFoBeKdIIhGffYEIOdtmWBvOiBBS%2Fdz13tDmxflws1DdBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6786b887da0405b7-FRA
content-length: 43

Redirect headers

Date: Mon, 02 Aug 2021 10:46:09 GMT
Server: nginx
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=bdd1330f5e004844a3a233aa
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87AE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Xflpb5VE2uFGAwsOVz..3NS3khCyVaBL293P7dQ-~A

43 B
470 B

132ms
132ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Xflpb5VE2uFGAwsOVz..3NS3khCyVaBL293P7dQ-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:10 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDXexIJnrd%2Fwmm%2B5AhO%2Bu5m3%2FWDKRpIzR%2BqlK4jRlysqZWwW4wpsKPahYRWyIPgYV4wT4kTdLM0vm1LG9OQZjJwAue1jvfnNPKzG3DCBIcUdaxMDjQ7%2BGN2Thmp%2Fh4YMegNkELw7PG9S8zak98eW9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6786b887fa4b05b7-FRA
content-length: 43

Redirect headers

Date: Mon, 02 Aug 2021 10:46:09 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Xflpb5VE2uFGAwsOVz..3NS3khCyVaBL293P7dQ-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87AE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4860921290102001950

43 B
337 B

139ms
131ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4860921290102001950
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWaWhKgYOUue3RVavKQvnrTzSyookHlFN%2FujFxyO9Q4WrOK7WShxFM6OhaK6Izp6ikC3pJuJYtIyo5Ve8HgJfKPNkjvFySDNWNC0HpiOKRqFmMZaAKb1Y9PzTEXAnbnA4CTFlCTeZYXj%2FBAdy7Omwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6786b887285e05b7-FRA
content-length: 43

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:09 GMT
X-Proxy-Origin: 37.120.194.221; 37.120.194.221; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0c61490d-4bac-4de0-a53a-e7a7201e81cd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=4860921290102001950
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87AE
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-ab2c2771-bf25-4450-ba0b-5bcfa906bece

43 B
332 B

133ms
133ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-ab2c2771-bf25-4450-ba0b-5bcfa906bece
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:10 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouyJ0nmb3x3r9OJrBSPtzt4F0eOX7YDUm1keCZqZS8ReM4Z3BnfV%2Fhj%2BWaFzLVgSzUM4W5I6%2FZf%2ByeSmowk24UO7Hi7yenPTrT3GbIinMOxK0LMFnuny2wnqkzJKA8dGWn0AqzKgH%2FbaAzZ%2FQ3%2Fwvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6786b888fc5705b7-FRA
content-length: 43

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-ab2c2771-bf25-4450-ba0b-5bcfa906bece
date: Mon, 02 Aug 2021 10:46:10 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 87AE
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=658c1a2c-ae95-4e13-aed8-87a4bbacf0f4

43 B
326 B

128ms
128ms

Image
image/gif

2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=658c1a2c-ae95-4e13-aed8-87a4bbacf0f4
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:10 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QW2LercUQX%2F8M4x9XXZNuSR20Mx%2F4QVVXPOs7uPmEIDr3rTbawO00topKSbIwZBjyk4WtmoIyUjutkXaWz3VjYCuYqsX%2FkYvef1oaGnQyAgoZrCCUtHVhlpEwpELi9SppSzbbcoa5SXgATSMh4PVzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6786b887fa4a05b7-FRA
content-length: 43

Redirect headers

date: Mon, 02 Aug 2021 10:46:09 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mb%2Bz%2BUV4DdCxvCi3VAOd7JA8apkoqaFro1vqjgBgg%2B4jgR0I3rydeDmblY4%2FdGnXMVsYMvbbNTZFW3oJyCyj%2B6uyxHIq6jx6Q%2BI4KK%2FcMJJwuA01YStQ8aoODKKyKytXb7Mk1kXsa4zmI0W5dVg%3D"}],"group":"cf-nel","max_age":604800}
location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=658c1a2c-ae95-4e13-aed8-87a4bbacf0f4
cf-ray: 6786b886af4005b7-FRA
content-length: 0

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame CEC4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

70ms
69ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5be836f43e9ae7a32f0237541180ca35e432576f4b16bc025a1cff6302e5447a

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=647; CMID=YQfM8cH8jGx33hXuanairAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|45|65|13|221|206
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1945
Expires: Mon, 02 Aug 2021 10:46:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:09 GMT
Connection: keep-alive
Set-Cookie: CMID=YQfM8cH8jGx33hXuanairAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 10:46:09 GMT CMPS=647;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 10:46:09 GMT CMPRO=339;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 10:46:09 GMT CMST=YQfM8WEHzPEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 Aug 2021 10:46:09 GMT CMRUM3=276107ccf10b40&2d6107ccf105a0&416107ccf105a0&0d6107ccf105a0&dd6107ccf12760&ce6107ccf105a0&f16107ccf105a0&e66107ccf12760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 10:46:09 GMT

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 02 Aug 2021 10:46:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:09 GMT
Connection: keep-alive
Set-Cookie: CMID=YQfM8cH8jGx33hXuanairAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 10:46:09 GMT CMPS=647;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 10:46:09 GMT

GET
H/1.1 200
OK Cookie set uc.html Show response
sync.go.sonobi.com/ Frame F5F5 43 B
551 B 154ms
36ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

Date: Mon, 02 Aug 2021 10:46:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s579|YQfM9; path=/; domain=.go.sonobi.com

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9FF0 14 KB
5 KB 128ms
39ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=111502
expires: Tue, 03 Aug 2021 17:44:31 GMT
date: Mon, 02 Aug 2021 10:46:09 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 1B8D 2 KB
823 B 44ms
42ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2bb78272a859ca6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame C90A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

79ms
79ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 23b4dc200f26d550a93813c146722222c25a57ec6b2d0cd25c8d8e7bed77ae09

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YQfM8XXxP50fsiP3xnXrMQAA; CMPS=647
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|45|39|31|176|65|47
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1811
Expires: Mon, 02 Aug 2021 10:46:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:09 GMT
Connection: keep-alive
Set-Cookie: CMID=YQfM8XXxP50fsiP3xnXrMQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 10:46:09 GMT CMPS=647;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 10:46:09 GMT CMPRO=1854;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 10:46:09 GMT CMRUM3=2d6107ccf105a0&416107ccf105a0&276107ccf10b40&b06107ccf105a00&f16107ccf105a0&e66107ccf12760&2f6107ccf105a0&1f6107ccf105a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 10:46:09 GMT CMST=YQfM8WEHzPEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 03 Aug 2021 10:46:09 GMT

Redirect headers

Server: Apache
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 02 Aug 2021 10:46:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:09 GMT
Connection: keep-alive
Set-Cookie: CMID=YQfM8XXxP50fsiP3xnXrMQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 02 Aug 2022 10:46:09 GMT CMPS=647;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 31 Oct 2021 10:46:09 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 6DB7
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

49ms
43ms

Script
text/html

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:09 GMT
X-Proxy-Origin: 37.120.194.221; 37.120.194.221; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f00f7899-2be5-4055-af4f-cc6b042b8c78
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:09 GMT
X-Proxy-Origin: 37.120.194.221; 37.120.194.221; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6d2c35e6-6abe-4339-96d9-6838e30b6492
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9FF0 0
42 B 139ms
44ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2433080&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:09 GMT
content-length: 0

POST
H2 200 48953915 Show response
mc.yandex.com/webvisor/ 43 B
176 B 48ms
43ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/48953915?wmode=0&wv-part=3&wv-hit=376183186&page-url=https%3A%2F%2Fask.fm%2Fbagelchard71034&rn=652393082&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1627901170%3Aw%3A1600x1200%3Av%3A608%3Az%3A120%3Ai%3A20210802124609%3Au%3A1627901163272064409%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1627901170

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ask.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:09 GMT
last-modified: Mon, 02-Aug-2021 10:46:09 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://ask.fm
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02-Aug-2021 10:46:09 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame CEC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQfM8cH8jGx33hXuanairAAAAVMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQfM8cH8jGx33hXuanairAAAAVMAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFQaVfeQpeaHCoDPUM_EBfc&google_cver=1

43 B
315 B

49ms
49ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFQaVfeQpeaHCoDPUM_EBfc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:46:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEFQaVfeQpeaHCoDPUM_EBfc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame CEC4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8cH8jGx33hXuanairAAAAVMAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8cH8jGx33hXuanairAAAAVMAAAAB&dcc=t

43 B
645 B

258ms
130ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8cH8jGx33hXuanairAAAAVMAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FECVE1YN60EBRNN4D44N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0WVSES95C5763NPZ02JX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8cH8jGx33hXuanairAAAAVMAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame CEC4 70 B
264 B 157ms
51ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQfM8cH8jGx33hXuanairAAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame CEC4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQfM8XXxP50fsiP3xnXrMQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKg0VnVhu-srjEnPSkSadA&google_cver=1&gdpr=1

43 B
1000 B

57ms
56ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKg0VnVhu-srjEnPSkSadA&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:46:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKg0VnVhu-srjEnPSkSadA&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame CEC4
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627987569&gdpr=1

43 B
315 B

131ms
48ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627987569&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:46:10 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627987569&gdpr=1
pragma: no-cache
date: Mon, 02 Aug 2021 10:46:09 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET indexexchange
sync.adotmob.com/cookie/ Frame CEC4 0
0

GET
H2

200

tpid=YQfM8cH8jGx33hXuanairAAA%26339
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame CEC4
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YQfM8cH8jGx33hXuanairAAA%26339?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQfM8cH8jGx33hXuanairAAA%26339?gdpr_consent=&us_privacy=&gdpr=1

49 B
735 B

68ms
68ms

Image
image/gif

54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQfM8cH8jGx33hXuanairAAA%26339?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-173-220.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:10 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.62
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:10 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YQfM8cH8jGx33hXuanairAAA%26339?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.14.94
content-length: 0
expires: 0

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame CEC4 0
234 B 45ms
40ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YQfM8cH8jGx33hXuanairAAAAVMAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Aug 2021 10:46:09 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
sync.quantumdex.io/ Frame CEC4 43 B
327 B 138ms
132ms Image
image/gif 2606:4700:20::ac43:47f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YQfM8cH8jGx33hXuanairAAAAVMAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:10 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4satoIAECHOxXyOWRP01v6Gg4u%2F44Q5Kd80qn3kUgRowy7SJqCkbzJ8OggdPmj12CtOo17GuOCDFX3rl5dD7Ek1Kj7Zg0Z7OhvtgeaI1H%2BY%2BNIDO95vgq32Jn%2BOHmtR3bs%2BPwz60wNwenv6Ebnc4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 6786b8884af505b7-FRA
content-length: 43

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame C90A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YQfM8XXxP50fsiP3xnXrMQAABz4AAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YQfM8XXxP50fsiP3xnXrMQAABz4AAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBc4gGPzE0tasB-tJVrdwcQ&google_cver=1

43 B
315 B

66ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBc4gGPzE0tasB-tJVrdwcQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:46:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEBc4gGPzE0tasB-tJVrdwcQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame C90A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8XXxP50fsiP3xnXrMQAABz4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8XXxP50fsiP3xnXrMQAABz4AAAAB&dcc=t

43 B
645 B

243ms
126ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8XXxP50fsiP3xnXrMQAABz4AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: KNBW1SEQCSVDZ7QFS2T6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PV8FD23G6HGWFMXH4255
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YQfM8XXxP50fsiP3xnXrMQAABz4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C90A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YQfM8XXxP50fsiP3xnXrMQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKg0VnVhu-srjEnPSkSadA&google_cver=1&gdpr=1

43 B
1000 B

59ms
58ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKg0VnVhu-srjEnPSkSadA&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:46:10 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJKg0VnVhu-srjEnPSkSadA&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame C90A 70 B
265 B 154ms
51ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YQfM8XXxP50fsiP3xnXrMQAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Aug 2021 10:46:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame C90A
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6811875701309360555&uid=Q6811875701309360555&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

42ms
41ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Aug 2021 10:46:10 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Mon, 02 Aug 2021 10:46:10 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 113
match.deepintent.com/usersync/ Frame C90A 0
44 B 395ms
131ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:46:09 GMT
content-length: 0
server: a

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame C90A
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627987569&gdpr=1

43 B
315 B

179ms
47ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627987569&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:46:10 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1627987569&gdpr=1
pragma: no-cache
date: Mon, 02 Aug 2021 10:46:09 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C90A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=86FdjCWw1Mavsv5&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=86FdjCWw1Mavsv5&gdpr=1&C=1

43 B
1001 B

50ms
49ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=86FdjCWw1Mavsv5&gdpr=1&C=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Aug 2021 10:46:11 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=86FdjCWw1Mavsv5&gdpr=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 290
Expires: Mon, 02 Aug 2021 10:46:11 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame C90A 43 B
425 B 40ms
37ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YQfM8XXxP50fsiP3xnXrMQAA%261854
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://ask.fm/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Aug 2021 10:46:09 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1520
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Aug 2021 11:11:29 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 6DB7
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

52ms
49ms

Script
text/html

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
X-Proxy-Origin: 37.120.194.221; 37.120.194.221; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d7ed7872-a9d6-4570-af46-afd934451d95
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Aug 2021 10:46:10 GMT
X-Proxy-Origin: 37.120.194.221; 37.120.194.221; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c411f181-533e-49b8-ac24-759cc8753911
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adotmob.com
URL: https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ask.fm/	1970-01-19 20:12:53	Name: _ym_isad Value: 2
.ask.fm/	1970-01-20 04:57:17	Name: _ym_d Value: 1627901163
.ask.fm/	1970-01-20 04:57:17	Name: _ym_uid Value: 1627901163272064409
ask.fm/	1970-01-19 20:16:00	Name: _m_ask_fm_session Value: L0g3RFpkNU5kWGxlZ2xiL0U0Yy9YNW9VR2pFekwwYkRwalA1OGNZcTM2bjdLVTlRQ1Z0aGxXSXRxaS9QL1hEajJzNWM1S2tYMWQxeU1YNk9PRTdsZ0NEMUZYMzFiOHJVWFoxTzJHNmVYTHdtcGducEZQakhmWWRZMURQUE5QbTQyQ3ppS3p3cXQ4eXJyVGVYNURLd1M2YnpxOHpOck1acWhvU1ljUm5XNDBMajJOZDAxQldHQkpZSHNxRlhCMG5aRWFCeUNZdm95dlErU3J1L2RNZisxUWpNV2JBQUJIMkNWTEpSY3o3dVAyV0xzVWY4Y05TaFBiUXhjQmNrSXg5cS0tU1JxRi9wVW4zck5kSTk5dVI0VzdHZz09--e79a06ae5fb216367db0f464eddab5dd39bc5939
ask.fm/	1970-01-20 04:57:38	Name: country Value: DK
ask.fm/	1970-01-20 04:57:38	Name: uuid Value: 04b8f842-716a-461a-a712-a814bea559b0
ask.fm/	1970-01-19 20:14:33	Name: traffic_source Value: organic
ask.fm/	1970-01-20 04:57:38	Name: locale Value: en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://askfm.adspirit.de
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
adx.adform.net
ap.lijit.com
ask.fm
bcp.crwdcntrl.net
casale-match.dotomi.com
cdn.connectad.io
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.optad360.io
connect.facebook.net
d3r6ceqp4shltl.cloudfront.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
get.optad360.io
gum.criteo.com
htlb.casalemedia.com
i.connectad.io
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
ms.quantumdex.io
mug.criteo.com
nep.advangelists.com
onetag-sys.com
pixel.advertising.com
pm.w55c.net
prebid.a-mo.net
px.owneriq.net
s.amazon-adsystem.com
serving.stat-rock.com
ssum-sec.casalemedia.com
sync-eu.connectad.io
sync.adotmob.com
sync.go.sonobi.com
sync.quantumdex.io
ups.analytics.yahoo.com
useast.quantumdex.io
www.facebook.com
www.googletagmanager.com
sync.adotmob.com
104.111.242.53
142.250.186.162
147.75.38.124
151.101.13.108
178.162.133.149
178.250.0.157
184.31.84.150
185.64.190.78
193.138.77.141
2.18.233.180
2.18.234.21
209.54.176.128
2600:9000:206f:2e00:11:a4de:2580:93a1
2600:9000:2190:5000:6:b871:4f00:93a1
2600:9000:2190:cc00:11:3771:2e40:21
2606:4700:10::6816:37ce
2606:4700:20::ac43:47f1
2a00:1450:4001:82b::2008
2a02:2638:1::13
2a02:6b8::1:119
2a02:fa8:8806:20::2040
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
3.123.143.157
3.126.56.137
3.217.109.237
35.157.177.200
35.158.223.21
37.157.2.235
37.252.173.22
38.91.45.7
51.75.146.200
51.89.9.253
54.171.173.220
72.251.249.14
76.223.111.131
95.217.231.160
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
1053ed3b1bbb74cf97f3b3f448728797c80c93783658b69728702f20e4c4f48d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
20febe583cb2a23f617c4d52313a8ca381e2b166b2a2bac90e6ad426f92eb309
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23b4dc200f26d550a93813c146722222c25a57ec6b2d0cd25c8d8e7bed77ae09
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3929e571584ac404ba32c11166c577244729dbd1e4189320e124126366224f08
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ebd1d73b47070634d01446d439db12e0da34de7243dbbeb378f3564b2d8a15a
3ffd3c012ea6753cd0373b0c79c43ab8a1915dd112e15c821ea654e8b01739ed
41a55cdd25020bd53d2d10843f29a3c8bda5bc8c6f09df2bd76323eccc294401
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d4e6a4c530d2a348585ded6e0649e885207776f12e9d748b6d9499d07004e9
467206f00105224e1a448a4ac9950cf1ad03988d92f95a03100b64c6feb17999
4e36c9dbc9b69c7203e62bda33f4825bd8cdadfdd3d873b481b6d81dd0d80316
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5aa6f80a1c0ea58684bbb5b6b6cd11cfb924006200b4ad8ef1fd339035cd1366
5be836f43e9ae7a32f0237541180ca35e432576f4b16bc025a1cff6302e5447a
5f7603e550c8e6b1c5558c705e40c5af41e5801900b657521810fd80b1e973e3
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66edeaea54905149f6b210ded0028955591b3623cc0ca0da4f9487d23e0ea7a8
70f9104f32191ca7f434f01af2eb5e6cb3f126788c4868874c1336c0f6cd2929
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7c99ae4d1bea4c395749b197ec45efa645ce1586815ca8280a60a35367ed88bf
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
852c7c6ef95540307f675837c58d3fa9d1f1aace84e35a69a0190f3a5422bd32
853324ad1cb1a0bbc62244f1854403cfe21ddb5bd45fd2595d018734c80daac7
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
89ddacf8bc7e764f058d75b6d079ea41844030e63696cb44d85abcfd6adc07c8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91bda5e2d381a6cf32cae9ff35027dd135e620acccfc1873295285f436e58808
98d048f69aad37fdb9e3ce5953919266995ecf527eee4a8b4257790bf330f42f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d41a3ea8d68b6345c05e0679a4a9ccb6d4edd35e008d72d4c21db95e021683
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
bc2a25d72ba454ec22b0970fe517e75b4a5447d1ae2e82fe2858c49998a1d8a7
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c233d6098087425dfeea8f690fd936de6b3cb2dc9fda991b0a5051169d334399
c95dfbb5a79a7f340398f30c90fd0d05992509535e3e268d7614f31184401e4d
d3fecd9cd6838b1e49ade94842e328d26ed087a372244537b5b61507c6e53e57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7f6fbe0940238ee31146d14df07b15e668e0efa440900070e663a98b7451ff
f56ad273e0204eb8d21346d7116686e717353c0864546a4e66a72b581e594a75

ask.fm Open in urlscan Pro 193.138.77.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

89 Requests

99 %HTTPS

32 %IPv6

36 Domains

47 Subdomains

32 IPs

11 Countries

1150 kBTransfer

2280 kBSize

8 Cookies

12 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

ask.fm Open in urlscan Pro
193.138.77.141 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

99 %
HTTPS

32 %
IPv6

36
Domains

47
Subdomains

32
IPs

11
Countries

1150 kB
Transfer

2280 kB
Size

8
Cookies

89 HTTP transactions
1 data transactions