www.folkd.com Open in urlscan Pro
2606:4700:3035::ac43:caae  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9390.5noI4h7EYvTB924vRmju9dDU8YJ_OjYIiNFLasCG-wH1aZJCJcgRuShDnnddWFLs.2BXHl8UssaHyE37BXy6hQODR-_o%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9390.N_a6yQUnxv62vnti3rrvxaCowwuzFxIXLw8zIp6uItrxZnAdeX8oq6T7nPfYSRmsvgN8ugmPATPRZCYNX-r2BQ%2C%2C.yQ4O0SDZEZPvMqGSsmDuLeHt-yU%2C

Request Chain 37

• https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm=&google_tc= HTTP 302
• https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEIdhU5OkRCNW8_LpYN-irH8&google_cver=1

Request Chain 38

• https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A783575783570%3Ahid%3A593722424%3Az%3A120%3Ai%3A20210908065304%3Aet%3A1631076785%3Ac%3A1%3Arn%3A488413890%3Au%3A163107678547609850%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1631076784057%3Ads%3A7%2C16%2C106%2C1%2C0%2C0%2C%2C336%2C1%2C%2C%2C%2C470%3Adsn%3A7%2C16%2C106%2C1%2C0%2C0%2C%2C337%2C0%2C%2C%2C%2C470%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631076785%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com HTTP 302
• https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A783575783570%3Ahid%3A593722424%3Az%3A120%3Ai%3A20210908065304%3Aet%3A1631076785%3Ac%3A1%3Arn%3A488413890%3Au%3A163107678547609850%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1631076784057%3Ads%3A7%2C16%2C106%2C1%2C0%2C0%2C%2C336%2C1%2C%2C%2C%2C470%3Adsn%3A7%2C16%2C106%2C1%2C0%2C0%2C%2C337%2C0%2C%2C%2C%2C470%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631076785%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com

Request Chain 40

• https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=68b7f0c83a&subid=&uid=272ceaaa7363148b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1631076784797%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Dc5052b90fcd0443da26cfb3b36e9a8d1%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=3044312585084&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=68b7f0c83a&subid=&uid=272ceaaa7363148b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1631076784797%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Dc5052b90fcd0443da26cfb3b36e9a8d1%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=3044312585084&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 41

• https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pv=1&pref1=14101300027621401324219011711008&gdpr=&gdpr_consent= HTTP 302
• https://www.zenaps.com/cshow.php?pvr=a7411d50-1060-11ec-855b-692d0ae1a3be&v=11354&r=278235&q=371933&s=2470169&viewref=14101300027621401324219011711008&pv=1&gdpr=&gdpr_consent= HTTP 302
• https://www.conrad.de/ztpv.php?awc=11354_278235_1631076785_a7411d50-1060-11ec-855b-692d0ae1a3be&insert=AW

Request Chain 45

• https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pref1=14101300027621401324219011711008&gdpr=&gdpr_consent= HTTP 302
• https://www.zenaps.com/cshow.php?pvr=a744ede0-1060-11ec-a85c-692d033a3c28&v=11354&r=278235&q=371933&s=2470169&viewref=14101300027621401324219011711008&gdpr=&gdpr_consent= HTTP 302
• https://asset.conrad.com/media10/isa/160267/c1/-/de/Schulanfang_160x600?format=gif

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request vieclambienhoadongnai Show response www.folkd.com/user/	33 KB 8 KB	130ms 106ms	Document text/html	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/user/vieclambienhoadongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29028192946e0b21440426c5b008f1ed8ffd365b838fcedf1011bda086f3fa5b Request headers :method GET :authority www.folkd.com :scheme https :path /user/vieclambienhoadongnai pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-type text/html; charset=utf-8 set-cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqZo3kL7rY%2FPpIPjwmgCzRHWVOPzmVkz5GkDCgDdD63%2BBxBcmbVjgojQTuHicL7AiHonl2EU6vBXKilyr1lO%2BTiw%2F4qmWzV650IYSIAhIpuLZRAezKN%2FVd%2Fmhr4vAci2a3JabhVfGqVEax6J"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 68b5922c8d9505d4-FRA content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3-29	200	folkd.css www.folkd.com/styles/	39 KB 10 KB	29ms 18ms	Stylesheet text/css	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/styles/folkd.css?v=1.20 Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3db2e09adb3a038fa2efa016ef16f84ec56aed13a118201d01ed6b4fedbac56c Request headers :path /styles/folkd.css?v=1.20 pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding br cf-cache-status HIT last-modified Mon, 25 Jan 2021 07:03:16 GMT server cloudflare age 5686 etag W/"9d15-5b9b421dc4f0e-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkuB9ze1m0Sed32RVshNqx1ao9sIsrCLhPK4TPPLsfpmbo7sSg0aZU5Wvf%2BZX3oTHRZCmZEJbesWdF7h2547Gufh59Vk%2B0Qhyt%2FSLqa2IPvoj4Fl9UUl3cw54kZDsyGDDSHUuIZLydGiJNmu"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68b5922d4d3e430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 642 B	15ms 14ms	Script text/javascript	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 34cfd57fc39d692c79b8c064a386331687ac463dc45cfdfa2341437f07fe8497 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 554 x-xss-protection 1; mode=block expires Wed, 08 Sep 2021 04:53:04 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	138 KB 49 KB	59ms 57ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 242f365ef4bdf23a11bc25e85c50c1eb0272c2355571e19d8757f195fae67c9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49532 x-xss-protection 0 server cafe etag 15238775139932521167 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 08 Sep 2021 04:53:04 GMT
GET H3-29	200	logo.svg www.folkd.com/images/	2 KB 1 KB	16ms 14ms	Image image/svg+xml	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/logo.svg Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56356001ba467fc7240f786c964eb00db91e14603b30b527db7c0db54526b425 Request headers :path /images/logo.svg pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding br cf-cache-status HIT last-modified Sat, 09 Jan 2021 09:15:21 GMT server cloudflare age 4940 etag W/"68a-5b8741cb69c40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EFWu5VuiFyzHYYlF0FDhFr%2FhQS6gXoanXccWSDTroF%2BptwbE5R8Drs8zP%2BZCXXWfbNmh1puMbMEIWF%2BkRAlGwJSpCjL%2FIzBNAWaMZ28nE999xwHaGTjrGQq6QPaa5PB%2BVKO6iN7E%2BM5VRlW"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68b5922d7d7d430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3-29	200	offline.gif www.folkd.com/images/	910 B 1 KB	14ms 13ms	Image image/gif	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/offline.gif Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03538cc5b5491d983dec8a3b1f5bcfbbdd3f07f7a2525b4074e189664280a7a5 Request headers :path /images/offline.gif pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5611 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 910 last-modified Tue, 16 May 2017 07:09:28 GMT server cloudflare etag "38e-54f9eda3d113c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ve1wpIr8bTC4xb9C9dOYVQu5nKmqeUz2IJnYndpnSOuz7ugUgYxATVAhOVM3S4GxGmh900bGmFcuMXVaKJpa1h8aGSjONmpKUvxwSQSlbh0D9WLSzEX5VJt67lT1veYnV2URTRn4RJbt65F1"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 68b5922d7d7f430f-FRA
GET H3-29	200	userTkcEBFEAAg_big.png www.folkd.com/images/	7 KB 7 KB	16ms 15ms	Image image/png	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/userTkcEBFEAAg_big.png Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 547bfceaf709b040835484d1995c17a4eca8ee48eb4703352c67dbfe27c7c706 Request headers :path /images/userTkcEBFEAAg_big.png pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 24134 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 6755 last-modified Tue, 07 Sep 2021 22:10:50 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVc66dfT1ulLnJJdKawBketihcFhTEd6Ud2BF5w4M3nTMyAtENLcIeylXOQCHhSRBwikLy%2BeAUIMeub6H49fYe0FAxuWpJenNVbQzP%2Bi9A2wDM0Iy%2BI5UuPqjSfT3hDeZUTrBKM6fu5x3sbR"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=86383066 accept-ranges bytes cf-ray 68b5922d7d82430f-FRA expires Tue, 04 Jun 2024 00:10:50 GMT
GET H3-29	200	userTkcEBFEAAg.png www.folkd.com/images/	1 KB 2 KB	22ms 20ms	Image image/png	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/userTkcEBFEAAg.png Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da04fd5fa27be5ef40b10598ed8f1aa55e399f92f69a40e9527c715241dc55a4 Request headers :path /images/userTkcEBFEAAg.png pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 410984 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 1481 last-modified Fri, 03 Sep 2021 10:43:20 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZBdJ4ikl%2F8zZChne%2Bou9juwkSIswLv2AhYreHSAwUCMVdDVuAk34a3qLm3y9ZsvDVoELaIOZEhC31tmGu1S1gZzwK3M57iroSN9gZEDCXWE%2FfxFKgtdpa0haHOHaGpqo1GwBkOPmzk5fFhT"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=85996216 accept-ranges bytes cf-ray 68b5922d7d84430f-FRA expires Thu, 30 May 2024 12:43:20 GMT
GET H3-29	200	div_x.gif www.folkd.com/images/	971 B 2 KB	16ms 14ms	Image image/gif	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/div_x.gif Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8180abcb91f876e9e3749696063dd70d4125c5389b83b1a85715fc7fea7c4486 Request headers :path /images/div_x.gif pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1504 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 971 last-modified Tue, 16 May 2017 07:09:28 GMT server cloudflare etag "3cb-54f9eda3a03ff" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7%2BSzODum2AZTuvzXXItWE7gUnJ2mImxuTdRVtbplKGc7FdTMzxUhQCIfN%2B6QfwVWlxjgGqMBs1xyvY1ftsSwr%2F1eufLd2FDW%2BwMttRFg6ORJDiby41wwSYyAvdTf0%2BJHNPXi1YP7iYJqjOI"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 68b5922d7d85430f-FRA
GET H3-29	200	dot-tag.gif www.folkd.com/images/	989 B 2 KB	22ms 21ms	Image image/gif	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/dot-tag.gif Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09e1e05e792c205625b4692d601237e48a5d5b468b7399bf95024ac833feefa7 Request headers :path /images/dot-tag.gif pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4939 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 989 last-modified Tue, 16 May 2017 07:09:27 GMT server cloudflare etag "3dd-54f9eda35fcc3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iblgR7HXvKBVPzbk5MZ18Unuu1WjBmUebD9Qy9VHFY44ZSK92bRNenC8Xc3UgZdk2%2Fd%2FExFNzdlnlzdGugzHz257xoFtXlKzSnCV5zjiZxuKvfWboxpP87h3DH%2B2IofQzm00T81QjM3Y1poL"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 68b5922d7d87430f-FRA
GET H3-29	200	email-decode.min.js Show response www.folkd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	8ms 7ms	Script application/javascript	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers :path /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 01 Sep 2021 15:49:24 GMT server cloudflare etag W/"612fa104-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rM04VTIZ5PTuqILw0bJ6Ns%2BELL7dTLLq%2BsIIurDbmfWtoU%2BErQWJZN27wfnpCskotkjUcmqo%2BX3B2B0duagEiYITsrR%2FckAa0DdNiVRg6VR4T3jBGR%2BpfeBRTZZhJg7RtDIJrwu%2B20LSmJ3t"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800 public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68b5922d5d4b430f-FRA vary Accept-Encoding expires Fri, 10 Sep 2021 04:53:04 GMT
GET H2	200	getads.js Show response js.adscale.de/	25 KB 9 KB	278ms 23ms	Script application/javascript	2600:9000:219c:fa00:f:4f64:8940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adscale.de/getads.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:219c:fa00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5e13ad0fd149b388477adcd6417fd3cf2bc0a71f614c5a51e1845f88ad3b8c12 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-amz-version-id ZL20li_JvYHxoYaMN51c0swp8oSh3FUB content-encoding gzip last-modified Tue, 31 Aug 2021 08:57:04 GMT server AmazonS3 age 6464 etag W/"50bb3a4af6413e0bf7a261465cbb90af" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 4448f6f0cf46259e83792c753f97a4df.cloudfront.net (CloudFront) cache-control max-age=7200 date Wed, 08 Sep 2021 03:05:21 GMT x-amz-cf-pop CDG3-C2 x-amz-cf-id 8ZyIwDxG0HlZnZcwfb-4pYxHzBlDy0D4PANQ6B8h53XdoOLIM_sLaw==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.4.2/	70 KB 71 KB	257ms 8ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 06 Sep 2021 15:10:27 GMT x-content-type-options nosniff age 135757 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 72174 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 06 Sep 2022 15:10:27 GMT
GET H3-29	200	jquery.cookie.js Show response www.folkd.com/js/	4 KB 2 KB	28ms 26ms	Script text/html	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/js/jquery.cookie.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5 Request headers :path /js/jquery.cookie.js pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding br cf-cache-status HIT last-modified Wed, 08 Sep 2021 03:18:18 GMT server cloudflare age 5686 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwKzUMNtHzwOu0jWNV1Zlh%2BUorxyKgJ334IJnypiCUhqDZsE3awyakPiYfkVEsRWdYmotm1uK2d0auaNGdr9824FhHa0Y01CgKuZwLfa96wiLiod3bzwwrkGEOiy5jjgj0fh0tskpy2rm7%2BN"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68b5922d7d77430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3-29	200	common.js Show response www.folkd.com/js/	12 KB 4 KB	33ms 32ms	Script text/javascript	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/js/common.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5cdd1311fda5aefb51f9945fb526884dfc01e9468dced4bffdb4bd65b5a723c Request headers :path /js/common.js pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 08 Sep 2021 04:53:04 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2F6YQUSqmgz0rT9ECkBx%2BafRaXrsOmp9sqT5KP3HDmYNsTbdEsbGJHnmAwISNXlV63F10Zzj%2BKEY3PIGd%2BI6s20Av4h%2Bn%2FrvFGvcBSHFH92ca%2FK%2Fubtmld8v25OTbUnzFV1PUA0Fu29O1fO6"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 68b5922d7d79430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3-29	200	page_userdetails.js Show response www.folkd.com/js/	483 B 813 B	16ms 14ms	Script text/html	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.folkd.com/js/page_userdetails.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ca7e8fd30f014ba4d5a9a1e6ea49beb7df76cfe6053e9ca0cc267f45f92e1a8 Request headers :path /js/page_userdetails.js pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding br cf-cache-status HIT last-modified Wed, 08 Sep 2021 03:38:22 GMT server cloudflare age 4482 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0t%2Fncw4dgFoEaqOcjCKsc3YdLAgIfn4OCNO5VtNHe2nwgPOZvBm6URjOKEF2FHNXFrrxtXSmc65qXKdWhAlrPtBKjTwpJ1j3KVrqjqZvI%2BKsC5KswKAnkDP%2B2YJekay7cPm6AdZWM3ZjAV1g"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 68b5922d7d7c430f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	101 KB 40 KB	16ms 14ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-4499241-1 Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f8ceef4a3c486b1b98b59a04c39fb33801eb025e96574bb2ca9bd98a442edc7d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41199 x-xss-protection 0 last-modified Wed, 08 Sep 2021 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 08 Sep 2021 04:53:04 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/	340 KB 133 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e4f76389625a4e86c8328c2d1e01de5e3bb22dfd06edb9873313a6da47e4e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.folkd.com Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:19:52 GMT content-encoding gzip x-content-type-options nosniff age 34392 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 135849 x-xss-protection 0 last-modified Mon, 30 Aug 2021 17:56:35 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 07 Sep 2022 19:19:52 GMT
GET H3-29	200	folkd-sprite.png www.folkd.com/images/	121 KB 122 KB	21ms 20ms	Image image/png	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/folkd-sprite.png Requested by Host: www.folkd.com URL: https://www.folkd.com/styles/folkd.css?v=1.20 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 688811b41e86684db597160601b55b64ef059d2fba49dfd5651d65f865de7738 Request headers :path /images/folkd-sprite.png pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/styles/folkd.css?v=1.20 :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/styles/folkd.css?v=1.20 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4939 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 123879 last-modified Tue, 16 May 2017 07:09:28 GMT server cloudflare etag "1e3e7-54f9eda3e49bb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iST6u189%2Fp6HjmgZRlQ51yXWPsFdrl9FfwblVe%2BuCPWrKrtDmYACPtfBQsMFSmuvBVGMNeYt%2BxUgQ9C3wfKEuqZxrt7cTcd5oJTnyFkt7R3wf01u4CsOnRDRXsHq4DkSFO9UMFPg%2FDs%2F65n"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 68b5922d7d8a430f-FRA
GET H3-29	200	new_updates_bnr.png www.folkd.com/images/	11 KB 12 KB	19ms 19ms	Image image/png	2606:4700:3035::ac43:caae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.folkd.com/images/new_updates_bnr.png?v=3 Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a6c5626e0eab1555c89fd50d7f166f3e5ecd812a28c94fc842051dcec1191a5 Request headers :path /images/new_updates_bnr.png?v=3 pragma no-cache cookie PHPSESSID=2q7cuj3sbug9v2rnkt9umh1ia4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.folkd.com referer https://www.folkd.com/user/vieclambienhoadongnai :scheme https sec-fetch-site same-origin :method GET Referer https://www.folkd.com/user/vieclambienhoadongnai User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4940 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 11344 last-modified Mon, 22 Feb 2021 14:37:04 GMT server cloudflare etag "2c50-5bbedbc478400" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qn6MWHRIn5HcL6oTN67%2FotSBaQBdIlyPDiva8a29ED19OAlUP602J9WfJHPJTDMMh9XdNx9U5T%2Bq%2BOOdaFkVdVPdkdqw47m6szUcdQyT8%2FZqoU1HgUVUoHKSRNt9Xp70haTOneyDfZ3mMUMS"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 68b5922d7d8c430f-FRA
GET H3-29	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/	250 KB 93 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d739f4e9502d3c672029d4580ddff6e52872660508cc4b3f5c2eb2735c66a466 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 95175 x-xss-protection 0 server cafe etag 18091442808060632251 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 08 Sep 2021 04:53:04 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210901/r20190131/ Frame 74DB	10 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210901/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210901/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.folkd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://www.folkd.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 07 Sep 2021 19:22:39 GMT expires Tue, 21 Sep 2021 19:22:39 GMT content-type text/html; charset=UTF-8 etag 13836150016441684253 x-content-type-options nosniff content-encoding gzip server cafe content-length 4591 x-xss-protection 0 age 34225 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	224 KB 72 KB	44ms 44ms	Script application/javascript	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding br last-modified Tue, 07 Sep 2021 11:30:22 GMT etag "61372b26-11d31" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 73009 expires Wed, 08 Sep 2021 05:53:04 GMT
GET H2	200	impr Show response gaa.adscale.de/	3 KB 4 KB	216ms 172ms	Script text/javascript	75.2.86.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gaa.adscale.de/impr?v=2&sid=YjY2ODA=&nu=0&t=1631076784543&ssl=1&pos=below&ws=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&uuid=20d002e4-6d52-4b70-824f-05dcf51d7672 Requested by Host: js.adscale.de URL: https://js.adscale.de/getads.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.86.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a3436eee63857ff41.awsglobalaccelerator.com Software / Resource Hash a00f923a354fd952b6534e29fd50ebc0d57c61bd26eaeb97ae458aa0c7880baa Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT cache-control no-cache p3p CP=NOI PSA OUR x-robots-tag none content-length 3294 content-type text/javascript
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-4499241-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 11 Aug 2021 00:32:57 GMT server Golfe2 age 64 date Wed, 08 Sep 2021 04:52:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Wed, 08 Sep 2021 06:52:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	199 B 655 B	46ms 15ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.folkd.com&callback=_gfp_s_&client=ca-pub-3319618738478027 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash 1477415ee29280962e51a5731cfd16c89abf30e7f8f9c4d33efb3a1657c4d8f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 190 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 853 B	39ms 14ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.folkd.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Wed, 08 Sep 2021 04:53:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 570 B	41ms 15ms	Script application/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.folkd.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Wed, 08 Sep 2021 04:53:04 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame AE6E	0 16 B	20ms 19ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1631076784&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631076784492&bpp=3&bdt=301&idt=74&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3095720144029&frm=20&pv=2&ga_vid=924235679.1631076785&ga_sid=1631076785&ga_hid=1553949489&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061690%2C31062297&oid=3&pvsid=2357618819144800&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1631076784&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631076784492&bpp=3&bdt=301&idt=74&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3095720144029&frm=20&pv=2&ga_vid=924235679.1631076785&ga_sid=1631076785&ga_hid=1553949489&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061690%2C31062297&oid=3&pvsid=2357618819144800&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=108 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.folkd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://www.folkd.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Wed, 08 Sep 2021 04:53:04 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	72 KB 27 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fecb5df18e8faa43dc3aa3f49ffd7224c84e378eb7514326a9ca3757a42daf35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630694577084272" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27575 x-xss-protection 0 expires Wed, 08 Sep 2021 04:53:04 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1553949489&t=pageview&_s=1&dl=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ul=en-us&de=UTF-8&dt=vieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=527948783&gjid=77569713&cid=924235679.1631076785&tid=UA-4499241-1&_gid=1305291497.1631076785&_r=1&gtm=2ou910&z=1260686779 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 08 Sep 2021 04:53:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.folkd.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 84 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c08::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-4499241-1&cid=924235679.1631076785&jid=527948783&gjid=77569713&_gid=1305291497.1631076785&_u=YAhAAUAAAAAAAC~&z=418014470 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 08 Sep 2021 04:53:04 GMT content-type text/plain access-control-allow-origin https://www.folkd.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9390.5noI4h7EYvTB924vRmju9dDU8YJ_OjYIiNFLasCG-wH1aZJCJcgRuShDnnddWFLs.2BXHl8UssaHyE37BXy6hQODR-_o%2C https://mc.yandex.com/sync_cookie_image_decide?token=9390.N_a6yQUnxv62vnti3rrvxaCowwuzFxIXLw8zIp6uItrxZnAdeX8oq6T7nPfYSRmsvgN8ugmPATPRZCYNX-r2BQ%2C%2C.yQ4O0SDZEZPvMqGSsmDuLeHt-yU%2C	75 B 75 B	43ms 43ms	Image text/html	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9390.N_a6yQUnxv62vnti3rrvxaCowwuzFxIXLw8zIp6uItrxZnAdeX8oq6T7nPfYSRmsvgN8ugmPATPRZCYNX-r2BQ%2C%2C.yQ4O0SDZEZPvMqGSsmDuLeHt-yU%2C Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9390.N_a6yQUnxv62vnti3rrvxaCowwuzFxIXLw8zIp6uItrxZnAdeX8oq6T7nPfYSRmsvgN8ugmPATPRZCYNX-r2BQ%2C%2C.yQ4O0SDZEZPvMqGSsmDuLeHt-yU%2C date Wed, 08 Sep 2021 04:53:04 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 136 B	43ms 42ms	Image image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:04 GMT last-modified Tue, 07 Sep 2021 09:18:09 GMT etag "61372b26-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Wed, 08 Sep 2021 05:53:04 GMT
GET H2	403	userconnect.js js.adscale.de//	0 0	111ms 110ms	Script application/xml	2600:9000:219c:fa00:f:4f64:8940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adscale.de//userconnect.js Requested by Host: js.adscale.de URL: https://js.adscale.de/getads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:219c:fa00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H/1.1	200	Cookie set ShowAd Show response brain.rvty.net/RTB/ Frame 6586	1 KB 1 KB	36ms 13ms	Document text/html	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= Requested by Host: js.adscale.de URL: https://js.adscale.de/getads.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash 320827258ef079f46db65ff09f4e0bede57d8872ed5142941c8fd93127f2ba8e Request headers Host brain.rvty.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.folkd.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://www.folkd.com/ Response headers Server nginx/1.13.4 Date Wed, 08 Sep 2021 04:53:04 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie RTBUserId=a5afe100-5c9d-4224-9ced-cc51fa167298; path=/; SameSite=None; secure; Expires=Thu, 08 Sep 2022 06:53:04 CEST RTBUserId-Old=a5afe100-5c9d-4224-9ced-cc51fa167298; path=/; secure; Expires=Thu, 08 Sep 2022 06:53:04 CEST RTBUserId-Plain=a5afe100-5c9d-4224-9ced-cc51fa167298; path=/; Expires=Thu, 08 Sep 2022 06:53:04 CEST P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Encoding gzip
GET H/1.1	204 No Content	imp Show response trx.adscale.de/ Frame 8D8F	0 148 B	66ms 16ms	Script application/javascript	35.157.44.220 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trx.adscale.de/imp?ej=Njc3NTI3NDhjYmI5NDAzM4EBzZvlYbPt0ieoi3xQkO-0Y_n50gOKi-pDheYbYqmZlk_bkLxq_uKLL9eDajbA9PM8r_HRGtzYuhnksloB9sPLCJrI5Db-q8N3h-YpI8zy_Tur-NMAyZP3QLPUBQG-l4xvwpW2IvOxxXCB5Sgxh7q8V5alghjGgv9AtcsdCLLgnnu00PF9tMubYo_pJDmG0qdM0unBS9X-rwfpj0YOt-OXfuPY8nztz55iir9kIpWC4h2XsZ0SubbuB6iFVA638Y5y4_j5MIOH3zGfsXgsxIL-IoKKjV7m9ZZVvYtJHvKu3Ebx-t0_lIH4MM_CLTzInO9q05O0W7a72giu-xpZ-fjbWOSrhW-CjuMwncN-b8DMvzrUk-cMurqCErHhFwaktJ0A9qPWLpaY8WHBs3J37dC_OtSR5kqmqMME9Z5EE9jikg62ptZnnpr3YtiucXe7hKc_0pHgUKy420CvxxUD06adDuShzHLE3bInx7M3OeWWrSLG07gQh7zfV6baUFes8o8Y9OqKIbCN7XuEuzQ23Ibqar2OqBuS6owaqYwNVeng31_Z7Zw2_579dsKuIXeAja8tvJ7vX5DwqQ-yywNNsqGNTtPrgSviiepg1q4hd5DlyGz_yeVOlOCJBYLXURKy3-ooupquGtuwqymgszRk27yPZ8m4lDiM-eVt7-RnRvee_xWm3OFb6YusCc3eRSKfs8p3kr7WOdDtlG3gsyIQpsXoW7Dbrkm_nvEJtcBHYu-hymGS6swvh__APIX5f1vdkv1Yptr7S7DPpFrkmEc6vvHEOcPtmX6IqpA71PoiDI_E8wjy2awbvcimX7CYETrr_Mo8xvuAOc6n0y3T_VhKycboBP_Vsg33ieUZ_c16ZuughGuQp-J_nuqAO8f9VFbHguUP48SDE_un4UmglDoGovCGao2woSnLidR8jLZZdMeR8gP71ehN6bP2TbiAaUL3s94hl7SGKYDdkR3Z5wxgzZG9TvnG502uufQ_9cVqCb_iyQyQosV3npfEC9nnDGDNkb1e8cyuVaSn6jvtyy4GpOPOKrOlzyaGndsV3ecMYcGNqk_Bh_UE67_3N7yAaUP7r5x_6qXZJpvNnljO6R062ZWsU8jWqkq59-oqu4wxGL38wTampcMl19XQCOzFdV3ir4pv9eaRZIeQgirA5xYyjNzvAYGv_wLosrgIjqhJccOSvETP-6BRvODxRsmKZVOg_dI3qpXUB9mSgi-m5EdpgqicfOTag0n7vqBdw4AyCufM3gWpu_EuktCCZ7fyR2_L7q126M_TFKD8oALPkS8OpYnIJIm7tjaazY4y47NMYdb9gUrq18NS_77aXZfSICCjmegvhLSmcMXYuzHktwwCxfCaXPDk1BmmvflYgJU2dreF_3DSnb18ytmVN_bwZRPU6pEUgfjJCbr7r1GXnBZ2-Mj-ZuifoGfsnt0i_vN4VMLqrCOkspJW3KfzEsbdSWXgxo5M1tv1P7Lmg2Lk52sBiOSibrmpnFjbiMAOkZQfZPrGmEzdzPAxre2yd7zxagfL6_th7P7BE4HP0xPdgR5iuaqLEc7E43TgrvE__-B6A8ne7mOYoZEHicGfHcXCKEaF89xSqJm_Nb_vriTn7goi9oOdNsnpy1DNuctWlIdlTNS5v2SMpeZi_InyeKS0S3n2lZ0H48qNC5ncgR3W-SoNlf34Y8Hw62r1r-Qx9ItPbvCUjgalo5gaoMaAE87tLgKD8aIkzMX5StKj83agmQw45ZDOV6np2y-nypc10vB4XYrAvDLajLVbhfDxVL6DHXGopclbvsXRbtWClCfb7WlTksOoN82g_Uyw9_1DiIUIIfen4VOd0pg_1ZmJYbLjaU2Ews1x-KfxW4Xs6yLdjgQi6pK_FIvCny-n1o1Dsf1hDsjz22foo_NK4rf_LdiTBn3qyelJ2ubef86VjF6ow2cPnqeMO5-HrBGn--stivlWIabioQ6zpc9-1I_JF77XZmSL140s18y8DrjusEfXrwMIwrOvFvX52myK24l-4s4yOqCHyyTGm7kK6-69TtWvUViZt_sT9aubd8vO3fPcww==&rns=ZWU3MTgyOTExMzNhNGVkNW23EKjIEKkdF_NwtS2gk4UO0yCc_CPNfCXFE9NPk_G2OLYZ_cRH_F4J5328O_qXz2_fd5OhNd5kfZUI2RfY-aAbthHq7VqtAQ-3Mq1lrZyMOcIz0NxqgSNt3lbEAY-mrgjgH_KwH_NPT-Q4sW3j246Z_JKP Requested by Host: js.adscale.de URL: https://js.adscale.de/getads.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.44.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-44-220.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type application/javascript; charset=UTF-8 Cache-Control max-age=3600 Expires Wed, 8 Sep 2021 05:53:04 GMT
GET H/1.1	200 OK	ads_view.js Show response cdn.rvty.net/view/ Frame 6586	3 KB 4 KB	34ms 10ms	Script application/javascript	89.163.211.242 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://cdn.rvty.net/view/ads_view.js Requested by Host: brain.rvty.net URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054 Request headers Referer https://brain.rvty.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 04:53:04 GMT Last-Modified Fri, 20 Dec 2019 09:27:25 GMT Server nginx/1.13.4 ETag "5dfc93fd-d40" Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 3392
GET H/1.1	200	GoogleMatch brain.rvty.net/RTB/ Frame 6586 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm=&google_tc= https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEIdhU5OkRCNW8_LpYN-irH8&google_cver=1	43 B 553 B	11ms 11ms	Image image/gif	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEIdhU5OkRCNW8_LpYN-irH8&google_cver=1 Requested by Host: brain.rvty.net URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://brain.rvty.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 04:53:04 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers pragma no-cache date Wed, 08 Sep 2021 04:53:04 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEIdhU5OkRCNW8_LpYN-irH8&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 292 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1 Show response mc.yandex.com/watch/71239210/ Redirect Chain https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A236%3... https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A236...	331 B 413 B	43ms 43ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A783575783570%3Ahid%3A593722424%3Az%3A120%3Ai%3A20210908065304%3Aet%3A1631076785%3Ac%3A1%3Arn%3A488413890%3Au%3A163107678547609850%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1631076784057%3Ads%3A7%2C16%2C106%2C1%2C0%2C0%2C%2C336%2C1%2C%2C%2C%2C470%3Adsn%3A7%2C16%2C106%2C1%2C0%2C0%2C%2C337%2C0%2C%2C%2C%2C470%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631076785%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com Requested by Host: www.folkd.com URL: https://www.folkd.com/user/vieclambienhoadongnai Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 21ff772703e61055ca174f41aab5ed319adf72fb39f7faa8c97ce836bf26db09 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 08 Sep 2021 04:53:04 GMT x-content-type-options nosniff last-modified Wed, 08-Sep-2021 04:53:04 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://www.folkd.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 331 x-xss-protection 1; mode=block expires Wed, 08-Sep-2021 04:53:04 GMT Redirect headers pragma no-cache date Wed, 08 Sep 2021 04:53:04 GMT last-modified Wed, 08-Sep-2021 04:53:04 GMT location /watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A236%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A783575783570%3Ahid%3A593722424%3Az%3A120%3Ai%3A20210908065304%3Aet%3A1631076785%3Ac%3A1%3Arn%3A488413890%3Au%3A163107678547609850%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1631076784057%3Ads%3A7%2C16%2C106%2C1%2C0%2C0%2C%2C336%2C1%2C%2C%2C%2C470%3Adsn%3A7%2C16%2C106%2C1%2C0%2C0%2C%2C337%2C0%2C%2C%2C%2C470%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631076785%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com strict-transport-security max-age=31536000 access-control-allow-origin https://www.folkd.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Wed, 08-Sep-2021 04:53:04 GMT
GET H/1.1	200 OK	4sxtd47yng2k Show response ad.ad-srv.net/zone/ Frame 6586	10 KB 3 KB	44ms 12ms	Script text/html	138.201.63.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.ad-srv.net/zone/4sxtd47yng2k?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1631076784797%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Dc5052b90fcd0443da26cfb3b36e9a8d1%26gdpr%3D0%26gdpr_consent%3D%26dest%3D Requested by Host: brain.rvty.net URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.164 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.63.201.138.clients.your-server.de Software Apache / Resource Hash c0ef070a825712c0b38ef2fd65570d65f9d75a5114ec1b725d95f1f3130235f5 Request headers Referer https://brain.rvty.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 04:53:04 GMT Content-Encoding gzip Server Apache Connection close Content-Length 2844 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	request.php Show response ad8.ad-srv.net/ Frame 6586 Redirect Chain https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=68b7f0c83a&subid=&uid=272ceaaa7363148b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x60... https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=68b7f0c83a&subid=&uid=272ceaaa7363148b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x60...	2 KB 1 KB	63ms 41ms	Script application/x-javascript	138.201.63.150 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=68b7f0c83a&subid=&uid=272ceaaa7363148b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1631076784797%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Dc5052b90fcd0443da26cfb3b36e9a8d1%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=3044312585084&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: brain.rvty.net URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.150.63.201.138.clients.your-server.de Software Apache / Resource Hash 126f7fa305b631da6b90f07eebe51ed7d425f5a8ac82cff93e91016039753409 Request headers Referer https://brain.rvty.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 08 Sep 2021 04:53:04 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 14101300027621401324219011711008 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 733 Expires Wed, 08 Sep 2021 05:53:04 +0200 Redirect headers Pragma no-cache Date Wed, 08 Sep 2021 04:53:04 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=68b7f0c83a&subid=&uid=272ceaaa7363148b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1631076784797%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Dc5052b90fcd0443da26cfb3b36e9a8d1%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=3044312585084&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Wed, 08 Sep 2021 05:53:04 +0200
GET H2	200	ztpv.php Show response www.conrad.de/ Frame 2467 Redirect Chain https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pv=1&pref1=14101300027621401324219011711008&gdpr=&gdpr_consent= https://www.zenaps.com/cshow.php?pvr=a7411d50-1060-11ec-855b-692d0ae1a3be&v=11354&r=278235&q=371933&s=2470169&viewref=14101300027621401324219011711008&pv=1&gdpr=&gdpr_consent= https://www.conrad.de/ztpv.php?awc=11354_278235_1631076785_a7411d50-1060-11ec-855b-692d0ae1a3be&insert=AW	0 712 B	51ms 33ms	Document text/html	2606:4700::6812:7e05 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.conrad.de/ztpv.php?awc=11354_278235_1631076785_a7411d50-1060-11ec-855b-692d0ae1a3be&insert=AW Requested by Host: ad8.ad-srv.net URL: https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=68b7f0c83a&subid=&uid=272ceaaa7363148b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1631076784797%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Dc5052b90fcd0443da26cfb3b36e9a8d1%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=3044312585084&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority www.conrad.de :scheme https :path /ztpv.php?awc=11354_278235_1631076785_a7411d50-1060-11ec-855b-692d0ae1a3be&insert=AW pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://brain.rvty.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://brain.rvty.net/ Response headers date Wed, 08 Sep 2021 04:53:05 GMT content-type text/html; charset=UTF-8 server-timing intid;desc=c77c29eac06209f5 intid;desc=82090fbd87a03841 cache-control no-cache expires -1 set-cookie HTLP_timestamp=1631076785; expires=Mon, 13-Sep-2021 04:53:05 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=YD; expires=Mon, 13-Sep-2021 04:53:05 GMT; Max-Age=432000; path=/; secure; SameSite=None __cf_bm=sWYNl4yarXLLpbS14ETf58u.3yNrjqEv7ESJnAfXg.8-1631076785-0-AYaCyNL0Bgqw7oXoV5DoXuQMebOFTM4xt57GJujScBzdH1TH+5dD9n+iVNFxnCm/NGozqBF5kzEKKPTcCatWh9k=; path=/; expires=Wed, 08-Sep-21 05:23:05 GMT; domain=.www.conrad.de; HttpOnly; Secure; SameSite=None p3p policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" age 0 strict-transport-security max-age=15552000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 68b592335e07435d-FRA content-encoding br Redirect headers Location https://www.conrad.de/ztpv.php?awc=11354_278235_1631076785_a7411d50-1060-11ec-855b-692d0ae1a3be&insert=AW Node Helix P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Content-Length 0 Date Wed, 08 Sep 2021 04:53:05 GMT Connection keep-alive Set-Cookie awpv11354=278235|1631076785|a7411d50-1060-11ec-855b-692d0ae1a3be;domain=.zenaps.com;path=/;expires=Saturday, 11-Sep-2021 04:53:05 UTC;Secure;SameSite=None AWSESS=377133:2470169;domain=.zenaps.com;path=/;Secure;SameSite=None Strict-Transport-Security max-age=86400 Awin-Akamai-Rule-Set default
GET H/1.1	200 OK	request_content.php Show response ad8.ad-srv.net/ Frame D2E3	6 KB 2 KB	53ms 18ms	Document text/html	138.201.63.150 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad8.ad-srv.net/request_content.php?s=14101300027621401324219011711008&a=8c2c0a3c Requested by Host: ad8.ad-srv.net URL: https://ad8.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=68b7f0c83a&subid=&uid=272ceaaa7363148b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1631076784797%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Dc5052b90fcd0443da26cfb3b36e9a8d1%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=3044312585084&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.150.63.201.138.clients.your-server.de Software Apache / Resource Hash 7b10db150dba0ba9db371c12c915e89a082fa0a0c0af0896e60585398d047912 Request headers Host ad8.ad-srv.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://brain.rvty.net/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie kdb0xdq3ls8m_uid=43d1def901ad980b Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://brain.rvty.net/ Response headers Date Wed, 08 Sep 2021 04:53:05 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Wed, 08 Sep 2021 05:53:05 +0200 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 2057 Connection close Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	jquery-1.10.2.min.js Show response cdn.rvty.net/_files/js/ Frame B817	91 KB 91 KB	14ms 14ms	Script application/javascript	89.163.211.242 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/view/ads_view.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Request headers Referer https://brain.rvty.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 04:53:05 GMT Last-Modified Wed, 08 Jan 2020 08:13:37 GMT Server nginx/1.13.4 ETag "5e158f31-16bb3" Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 93107
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	10ms 10ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:05 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
GET H2	200	Schulanfang_160x600 asset.conrad.com/media10/isa/160267/c1/-/de/ Frame D2E3 Redirect Chain https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pref1=14101300027621401324219011711008&gdpr=&gdpr_consent= https://www.zenaps.com/cshow.php?pvr=a744ede0-1060-11ec-a85c-692d033a3c28&v=11354&r=278235&q=371933&s=2470169&viewref=14101300027621401324219011711008&gdpr=&gdpr_consent= https://asset.conrad.com/media10/isa/160267/c1/-/de/Schulanfang_160x600?format=gif	19 KB 20 KB	60ms 20ms	Image image/gif	178.79.227.54 LLNW
General Check archive.org Show headers Download Go to Show image Full URL https://asset.conrad.com/media10/isa/160267/c1/-/de/Schulanfang_160x600?format=gif Requested by Host: ad8.ad-srv.net URL: https://ad8.ad-srv.net/request_content.php?s=14101300027621401324219011711008&a=8c2c0a3c Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.227.54 , United States, ASN22822 (LLNW, US), Reverse DNS https-178-79-227-54.vie.llnw.net Software Cliplister GmbH / Resource Hash e109f2bc74fd74f053ae8ed9365c78b5db0e7681f9e1c95fef442889b3428100 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://ad8.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:05 GMT last-modified Mon, 30 Aug 2021 06:34:22 GMT server Cliplister GmbH age 78982 etag "612c7bee-4c5e" strict-transport-security max-age=15768000 reporting eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjc0Y0ZST2FUMDNqeV9rTmNpQ1BhdHg3QVQiLCJ1dWlkIjoiYTEzNjM3Y2RkOTc5NDRkOGY4MTkwZGM2MGE2M2E3NTg0IiwiYXNzZXR0eXBlIjoicGljdHVyZSJ9 content-type image/gif access-control-allow-origin * cache-control max-age=172800 x-server c11 accept-ranges bytes content-length 19550 x-llid bc190646e0c8262fada122474fde699c expires Thu, 09 Sep 2021 06:56:43 GMT Redirect headers Date Wed, 08 Sep 2021 04:53:05 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://asset.conrad.com/media10/isa/160267/c1/-/de/Schulanfang_160x600?format=gif Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H/1.1	200 OK	viewability Show response ad8.ad-srv.net/ Frame D2E3	0 150 B	41ms 14ms	Script text/html	138.201.63.150 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad8.ad-srv.net/viewability?s=14101300027621401324219011711008&a=a3e240ac&vb=m Requested by Host: ad8.ad-srv.net URL: https://ad8.ad-srv.net/request_content.php?s=14101300027621401324219011711008&a=8c2c0a3c Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.150.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ad8.ad-srv.net/request_content.php?s=14101300027621401324219011711008&a=8c2c0a3c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 04:53:05 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame D2E3	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	addDoubleBorder.js Show response cdn.contentspread.net/oliro/tools/js/ Frame D2E3	851 B 1 KB	54ms 10ms	Script application/javascript	85.114.131.235 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://cdn.contentspread.net/oliro/tools/js/addDoubleBorder.js Requested by Host: ad8.ad-srv.net URL: https://ad8.ad-srv.net/request_content.php?s=14101300027621401324219011711008&a=8c2c0a3c Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS srv21039.dus4.fastwebserver.de Software nginx / Resource Hash abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107 Request headers Referer https://ad8.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 04:53:05 GMT Last-Modified Sun, 01 Mar 2015 14:40:33 GMT Server nginx ETag "54f324e1-353" Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 851
GET H/1.1	200 OK	oba_icon.png cdn.contentspread.net/oliro/oba/ Frame D2E3	3 KB 3 KB	48ms 10ms	Image image/png	85.114.131.235 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.contentspread.net/oliro/oba/oba_icon.png Requested by Host: ad8.ad-srv.net URL: https://ad8.ad-srv.net/request_content.php?s=14101300027621401324219011711008&a=8c2c0a3c Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS srv21039.dus4.fastwebserver.de Software nginx / Resource Hash 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6 Request headers Referer https://ad8.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 04:53:05 GMT Last-Modified Fri, 05 Aug 2016 12:57:49 GMT Server nginx ETag "57a48d4d-c35" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 3125
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	33ms 19ms	XHR application/json	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210901&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4d373a984032122e0b53ca07130272bb538388e177f19aeee9e8cfc63a87952c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Wed, 08 Sep 2021 04:53:05 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8503 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	36ms 16ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 08 Sep 2021 04:53:05 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 expires Wed, 08 Sep 2021 04:53:05 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2047	12 KB 5 KB	24ms 8ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.folkd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://www.folkd.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5029 date Tue, 07 Sep 2021 21:22:57 GMT expires Wed, 07 Sep 2022 21:22:57 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 27008 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame C7D2	783 B 540 B	16ms 15ms	Document text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7ea277a97d0bece89aea9cf4cf045e748ce3e76c838a1be027e8be3760a19d3d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-OCwOsWlGv/K3sJdWOex2cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.folkd.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://www.folkd.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy-report-only require-corp; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Wed, 08 Sep 2021 04:53:05 GMT date Wed, 08 Sep 2021 04:53:05 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-OCwOsWlGv/K3sJdWOex2cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	rWlMBfa9MpU8odUgYO2XS-jQK_KO9aJyNzJvjgjzx8o.js Show response pagead2.googlesyndication.com/bg/ Frame 2047	35 KB 13 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/rWlMBfa9MpU8odUgYO2XS-jQK_KO9aJyNzJvjgjzx8o.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ad694c05f6bd32953ca1d52060ed974be8d02bf28ef5a27237326f8e08f3c7ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 07 Sep 2021 19:07:31 GMT content-encoding br x-content-type-options nosniff age 35134 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13326 x-xss-protection 0 last-modified Mon, 30 Aug 2021 12:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 07 Sep 2022 19:07:31 GMT
GET H3-29	204	sodar pagead2.googlesyndication.com/pagead/	0 0	31ms 31ms	Image text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210901&jk=2357618819144800&bg=!mpmlmd3NAAYJpm41CaY7ACkAdvg8WojAcLxMkNYL3QVKyUYG2MK-5NVtkOY925otfjGKDNCGAO_l7wIAAABYUgAAAAxoAQcKAELI1JkawiYEOFCH5lCx7aSUpeP4htlcwUbvKbXNEZEkZRt06239MhUqwV4a4ojOsizYaUzpp76RleD62dg3gACmITmZAn_rmUVw5BAqB3cReNr963ijopgjxq5XuVq9oSk4bN-jQKcRmxUGH_qcc4DLAYJR5I8DUEl6otFW0q1IllsbIzMqwFftXIAmGjmXqEQROyk5IYi-Fjmr555l9dXzUOvroTkRicSjlvsPoJyjoIFXGdz7H0gWQGnht2_KWXQfPjKQmeevPgkh2xUMRSVQHTKQav96uyM7gvzT6YTz-fXc4IKlTWr75AhOgM7pD4k34Amil9hVhaaYqOz44uKEkef_wuERjMPIx4bpRA_aR0emILy_wXIMkwQJp2mvIZQRw5sTGJu5kavKzdU3G9Xl0l6I_3Fv1VYlwfhji8wPoGzY10yCeH0UPK_Kwu6FKay-qg0Mhs0ecv4j_N1KbLDAs5w7-rlXXLhajM70lz9zfcGTptG-_q_Z-8SzjLUskBiTvFPMAJML05WjnibHPOk_QdKTbhPQqi4Ikm1zX2oSvCfXK5C-WZ7AD_FdlUZr5lxgaUttRR2_10Y4u6oTJcSN5O_9eSy74krqPTZnyO2dSJTMIOudpzfND7dfL_Jzt1ovrE9pQn2nX7CTanLjlRUMJmrkW92XQqi1w_2vuv4Y6SjJdJoxFH9Sgv9Se1n9EqoL9suSun2Uh24jsAf3XeMqk9aa9Pxmql2hniDo27faWp5wf1bU9hsfNBMs6bgz5AKJZDrJBrBLxHOYW-OvPdhAkGYsjV9c_boRKr_Y24Zii_IcQ52QRQd9jOL0oYCOiiCTkJW5cclJM0aF12tfMetJhTFiw5LbtkMTogfdPPECf6V8cahYBtb3fIaYF8J1pPAPlH-yEvCDOAGYHUBpCPV81MGYxGskfI7Fvmaubp1rJ_rOklA Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	10ms 10ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:05 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	11ms 10ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:06 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
GET H/1.1	200 OK	viewability Show response ad8.ad-srv.net/ Frame D2E3	0 150 B	39ms 13ms	Script text/html	138.201.63.150 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad8.ad-srv.net/viewability?s=14101300027621401324219011711008&a=a3e240ac&vb=v Requested by Host: ad8.ad-srv.net URL: https://ad8.ad-srv.net/request_content.php?s=14101300027621401324219011711008&a=8c2c0a3c Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.150.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ad8.ad-srv.net/request_content.php?s=14101300027621401324219011711008&a=8c2c0a3c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 08 Sep 2021 04:53:06 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	363ms 363ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:06 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	10ms 10ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:07 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H2	200	71239210 Show response mc.yandex.com/webvisor/	43 B 145 B	127ms 127ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=593722424&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rn=796993097&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631076787%3Aw%3A1600x1200%3Av%3A631%3Az%3A120%3Ai%3A20210908065307%3Au%3A163107678547609850%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631076787 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 08 Sep 2021 04:53:07 GMT last-modified Wed, 08-Sep-2021 04:53:07 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://www.folkd.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 08-Sep-2021 04:53:07 GMT
POST H2	200	71239210 Show response mc.yandex.com/webvisor/	43 B 73 B	125ms 125ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=593722424&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rn=100229518&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1631076787%3Aw%3A1600x1200%3Av%3A631%3Az%3A120%3Ai%3A20210908065307%3Au%3A163107678547609850%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631076787 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.folkd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 08 Sep 2021 04:53:07 GMT last-modified Wed, 08-Sep-2021 04:53:07 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://www.folkd.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 08-Sep-2021 04:53:07 GMT
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	11ms 10ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:07 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	12ms 12ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:08 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	11ms 10ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:08 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	11ms 11ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:09 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	25ms 25ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:09 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	12ms 11ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:12 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	10ms 10ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:15 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame B817	0 119 B	10ms 10ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:18 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
POST H/1.1	200	Visibility brain.rvty.net/RTB/ Frame B817	0 119 B	10ms 10ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=c5052b90fcd0443da26cfb3b36e9a8d1&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=a5afe100-5c9d-4224-9ced-cc51fa167298&euid=1bf8a1509892379407d70dfaa8acc9ae7b58e4a0be61571145e5b6ddb36d8944&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent= X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 08 Sep 2021 04:53:21 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0