urlscan.io logo urlscan.io
SecurityTrails logo

folkd.com Open in urlscan Pro
76.76.21.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.folkd.com/submit/msglomi.com/bbs/board.php?bo_table=shoparea&state1=%EC%84%9C%EC%9A%B8&state2=%EC%84%B1%EB...
Effective URL: https://folkd.com/
Submission: On November 18 via manual from GB — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 120 IPs in 15 countries across 126 domains to perform 1054 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is folkd.com.
TLS certificate: Issued by R3 on November 13th 2023. Valid for: 3 months.
This is the only time folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 11 76.76.21.21 16509 (AMAZON-02)
7 104.16.203.66 13335 (CLOUDFLAR...)
3 104.17.25.14 13335 (CLOUDFLAR...)
112 104.16.89.20 13335 (CLOUDFLAR...)
4 185.3.92.76 63949 (AKAMAI-LI...)
1 142.250.186.104 15169 (GOOGLE)
3 151.101.0.176 54113 (FASTLY)
2 142.250.185.138 15169 (GOOGLE)
15 142.250.185.164 15169 (GOOGLE)
7 142.250.181.227 15169 (GOOGLE)
2 13.107.213.44 8075 (MICROSOFT...)
4 12 35.193.186.65 396982 (GOOGLE-CL...)
4 104.16.137.79 13335 (CLOUDFLAR...)
3 54.186.23.98 16509 (AMAZON-02)
6 142.250.186.35 15169 (GOOGLE)
2 172.64.144.166 13335 (CLOUDFLAR...)
40 142.250.186.162 15169 (GOOGLE)
2 65.9.66.30 16509 (AMAZON-02)
2 216.239.34.36 15169 (GOOGLE)
4 4.227.249.197 8075 (MICROSOFT...)
1 52.10.73.64 16509 (AMAZON-02)
6 35.186.236.140 15169 (GOOGLE)
97 142.250.186.66 15169 (GOOGLE)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 178.250.1.3 44788 (ASN-CRITE...)
1 65.9.66.122 16509 (AMAZON-02)
1 18.66.129.71 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
11 142.250.74.193 15169 (GOOGLE)
1 34.120.107.143 396982 (GOOGLE-CL...)
1 54.194.65.19 16509 (AMAZON-02)
1 35.190.39.111 15169 (GOOGLE)
4 142.250.184.251 15169 (GOOGLE)
2 52.219.62.108 16509 (AMAZON-02)
1 185.172.148.132 44239 (PROINITY ...)
1 23.227.38.65 13335 (CLOUDFLAR...)
2 148.72.215.239 26496 (AS-26496-...)
1 107.180.41.157 26496 (AS-26496-...)
1 68.66.226.83 55293 (A2HOSTING)
1 208.78.227.195 63410 (PRIVATESY...)
1 65.9.66.123 16509 (AMAZON-02)
1 172.67.221.51 13335 (CLOUDFLAR...)
4 9 34.98.64.218 396982 (GOOGLE-CL...)
2 178.250.1.11 44788 (ASN-CRITE...)
3 162.19.138.82 16276 (OVH)
5 5 37.157.6.243 198622 (ADFORM)
2 6 52.94.222.140 16509 (AMAZON-02)
6 35.71.131.137 16509 (AMAZON-02)
24 107 142.250.185.98 15169 (GOOGLE)
12 13.49.34.168 16509 (AMAZON-02)
18 18.245.60.65 16509 (AMAZON-02)
2 14 37.157.3.20 198622 (ADFORM)
56 34.250.128.111 16509 (AMAZON-02)
3 69.173.144.152 26667 (RUBICONPR...)
8 15 69.173.144.138 26667 (RUBICONPR...)
48 142.250.186.97 15169 (GOOGLE)
17 142.250.184.226 15169 (GOOGLE)
16 142.250.185.226 15169 (GOOGLE)
2 2 193.135.9.130 48314 (IP-PROJECTS)
2 2 193.135.9.133 48314 (IP-PROJECTS)
1 2 35.186.194.101 15169 (GOOGLE)
1 23.32.185.192 16625 (AKAMAI-AS)
1 213.19.162.67 3356 (LEVEL3)
8 37.157.5.73 198622 (ADFORM)
9 18.66.122.80 16509 (AMAZON-02)
102 3.91.171.235 14618 (AMAZON-AES)
1 2 69.20.43.192 27357 (RACKSPACE)
4 6 104.18.36.155 13335 (CLOUDFLAR...)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
7 9 37.252.173.215 29990 (ASN-APPNEX)
1 3 34.111.113.62 396982 (GOOGLE-CL...)
26 42 69.173.144.139 26667 (RUBICONPR...)
11 11 46.228.174.117 56396 (AMOBEE)
2 2 46.228.164.11 56396 (AMOBEE)
5 5 3.75.62.37 16509 (AMAZON-02)
2 2.22.242.10 20940 (AKAMAI-ASN1)
3 3 198.47.127.18 62713 (AS-PUBMATIC)
1 3 198.47.127.205 62713 (AS-PUBMATIC)
1 1 185.64.190.81 62713 (AS-PUBMATIC)
6 52.49.140.195 16509 (AMAZON-02)
4 4 178.250.1.9 44788 (ASN-CRITE...)
3 3 52.87.37.157 14618 (AMAZON-AES)
1 54.82.239.169 14618 (AMAZON-AES)
5 5 3.124.81.102 16509 (AMAZON-02)
3 3 34.252.83.133 16509 (AMAZON-02)
8 8 63.215.202.169 41041 (VCLK-EU-SE)
2 192.132.33.68 18568 (BIDTELLECT)
1 80.77.87.163 46636 (NATCOWEB)
3 3 52.30.78.43 16509 (AMAZON-02)
2 2 3.122.5.52 16509 (AMAZON-02)
1 2.23.197.190 16625 (AKAMAI-AS)
2 35.244.174.68 396982 (GOOGLE-CL...)
2 2 35.214.182.220 15169 (GOOGLE)
1 1 142.234.204.77 396362 (LEASEWEB-...)
5 5 70.42.32.191 13789 (INTERNAP-...)
1 54.229.22.54 16509 (AMAZON-02)
1 1 95.101.148.20 16625 (AKAMAI-AS)
2 2 185.86.138.153 201081 (SMARTADSE...)
2 4 23.35.237.56 16625 (AKAMAI-AS)
21 172.217.18.6 15169 (GOOGLE)
2 2 198.47.127.19 3257 (GTT-BACKB...)
1 2 3.221.35.16 14618 (AMAZON-AES)
16 142.251.167.120 15169 (GOOGLE)
1 142.250.185.230 15169 (GOOGLE)
3 138.201.63.150 24940 (HETZNER-AS)
8 23.35.229.251 16625 (AKAMAI-AS)
14 142.250.185.162 15169 (GOOGLE)
4 4 213.155.156.184 1299 (TWELVE99 ...)
4 4 35.186.253.211 15169 (GOOGLE)
2 2 20.127.253.7 8075 (MICROSOFT...)
4 6 87.250.250.90 208398 (TELETECH)
4 4 35.208.249.213 19527 (GOOGLE-2)
3 3 193.108.153.6 20940 (AKAMAI-ASN1)
3 3 34.91.62.186 396982 (GOOGLE-CL...)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
1 1 35.190.0.66 15169 (GOOGLE)
3 6 104.18.24.173 13335 (CLOUDFLAR...)
4 4 76.223.111.18 16509 (AMAZON-02)
2 3 51.38.120.206 16276 (OVH)
7 7 52.213.192.203 16509 (AMAZON-02)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 4 138.201.63.165 24940 (HETZNER-AS)
1 91.228.74.168 16509 (AMAZON-02)
3 3 82.145.213.8 39832 (NO-OPERA)
2 2 172.105.220.23 63949 (AKAMAI-LI...)
2 2 52.29.13.21 16509 (AMAZON-02)
1 1 44.195.95.27 14618 (AMAZON-AES)
1 13.107.42.14 8068 (MICROSOFT...)
1 2 52.46.143.56 16509 (AMAZON-02)
1 147.75.84.158 54825 (PACKET)
1 13.32.121.122 16509 (AMAZON-02)
1 2 216.52.2.6 32475 (SINGLEHOP...)
1 1 52.70.105.17 14618 (AMAZON-AES)
1 3.122.6.226 16509 (AMAZON-02)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 34.149.50.64 396982 (GOOGLE-CL...)
1 3.73.198.115 16509 (AMAZON-02)
1 8.18.47.7 398989 (DEEPINTENT)
2 2 98.98.134.242 21859 (ZEN-ECN)
1 64.202.112.223 23352 (SERVERCEN...)
2 3 23.56.205.163 16625 (AKAMAI-AS)
1 104.18.187.224 13335 (CLOUDFLAR...)
1 3.124.138.165 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
1 34.255.45.246 16509 (AMAZON-02)
1 54.228.90.72 16509 (AMAZON-02)
1 67.202.105.23 32748 (STEADFAST)
1 34.107.140.113 396982 (GOOGLE-CL...)
1 54.171.40.33 16509 (AMAZON-02)
3 3 151.101.130.49 54113 (FASTLY)
1 72.251.245.179 32475 (SINGLEHOP...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 18.66.97.81 16509 (AMAZON-02)
1 89.149.192.74 60781 (LEASEWEB-...)
1 96.46.186.182 7979 (SERVERS-COM)
1 104.19.241.24 13335 (CLOUDFLAR...)
106 104.17.201.110 13335 (CLOUDFLAR...)
1 1 63.251.14.3 32475 (SINGLEHOP...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 13.107.21.200 8068 (MICROSOFT...)
3 104.16.80.126 13335 (CLOUDFLAR...)
1054 120
11    76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)
www.folkd.com
folkd.com
7    104.16.203.66 (None, )

ASN13335 (CLOUDFLARENET, US)
folkd0612.bubbleapps.io
3    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
112    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    185.3.92.76 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: nb-185-3-92-76.tc.nodebalancer.linode.com
monu.delivery
1    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
3    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com
15    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
7    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
2    13.107.213.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
12    35.193.186.65 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.186.193.35.bc.googleusercontent.com
xeqe-t3lw-i7hv.n7.xano.io
4    104.16.137.79 (None, )

ASN13335 (CLOUDFLARENET, US)
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
6    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.gstatic.com
2    172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
40    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
ade.googlesyndication.com
2    65.9.66.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-30.fra56.r.cloudfront.net
m.stripe.network
2    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    4.227.249.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
u.clarity.ms
1    52.10.73.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-73-64.us-west-2.compute.amazonaws.com
m.stripe.com
6    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
97    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    18.66.129.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-129-71.fra60.r.cloudfront.net
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
11    142.250.74.193 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
1    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    54.194.65.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-65-19.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
4    142.250.184.251 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f27.1e100.net
storage.googleapis.com
2    52.219.62.108 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: s3-w.ap-south-1.amazonaws.com
apkainterior.s3.amazonaws.com
1    185.172.148.132 (Germany)

ASN44239 (PROINITY PROINITY, CH)
alliance-11536.kxcdn.com
1    23.227.38.65 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com
everlighten.com
2    148.72.215.239 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 239.215.72.148.host.secureserver.net
indotoursadventures.com
1    107.180.41.157 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 157.41.180.107.host.secureserver.net
www.novalabcardiac.com
1    68.66.226.83 (United States)

ASN55293 (A2HOSTING, US)
PTR: az1-sr8.supercp.com
fallandfallow.com
1    208.78.227.195 (United States)

ASN63410 (PRIVATESYSTEMS, US)
PTR: host.bigacrylic.com
www.bigacrylic.com
1    65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net
substackcdn.com
1    172.67.221.51 (United States)

ASN13335 (CLOUDFLARENET, US)
turkeyyachtrentals.com
9    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
eu-u.openx.net
us-u.openx.net
u.openx.net
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
5    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
6    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
107    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
12    13.49.34.168 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
protected-by.clarium.io
18    18.245.60.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-65.fra60.r.cloudfront.net
static.yieldmo.com
14    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
56    34.250.128.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
3    69.173.144.152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-fra2.rubiconproject.com
15    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
48    142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net
tpc.googlesyndication.com
17    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
16    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
2    193.135.9.130 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
2    193.135.9.133 (Germany)

ASN48314 (IP-PROJECTS, DE)
cm.adsafety.net
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
ad.sxp.smartclip.net
1    23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    213.19.162.67 (United Kingdom)

ASN3356 (LEVEL3, US)
beacon-ams3.rubiconproject.com
8    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
9    18.66.122.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-80.fra60.r.cloudfront.net
matchadsrvr.yieldmo.com
102    3.91.171.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-171-235.compute-1.amazonaws.com
kinesis.us-east-1.amazonaws.com
2    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
6    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
9    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
42    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
11    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2.22.242.10 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-22-242-10.deploy.static.akamaitechnologies.com
hb.yahoo.net
3    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
6    52.49.140.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
sync-pm.ads.yieldmo.com
sync-openx.ads.yieldmo.com
sync-beeswax.ads.yieldmo.com
sync-adform.ads.yieldmo.com
sync-iqzone.ads.yieldmo.com
sync-eq.ads.yieldmo.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    52.87.37.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-37-157.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.82.239.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-239-169.compute-1.amazonaws.com
rtb.adentifi.com
5    3.124.81.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-81-102.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    34.252.83.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-83-133.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
8    63.215.202.169 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams05-nessy-float1.dotomi.com
yieldmo-match.dotomi.com
dclk-match.dotomi.com
rubicon-match.dotomi.com
2    192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 68.bidtellect.com
bttrack.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    52.30.78.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-78-43.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    3.122.5.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-5-52.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    35.214.182.220 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 220.182.214.35.bc.googleusercontent.com
csync.loopme.me
1    142.234.204.77 (Edison, United States)

ASN396362 (LEASEWEB-USA-NYC, US)
xsync.iqzone.com
5    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    54.229.22.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-22-54.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
2    185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
21    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net
s0.2mdn.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    3.221.35.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-35-16.compute-1.amazonaws.com
partners.tremorhub.com
google.partners.tremorhub.com
16    142.251.167.120 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f120.1e100.net
csi.gstatic.com
1    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
3    138.201.63.150 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal9000.redintelligence.net
8    23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
14    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads4.g.doubleclick.net
4    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
6    87.250.250.90 (Russian Federation)

ASN208398 (TELETECH, RS)
PTR: bs.yandex.ru
an.yandex.ru
4    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
3    193.108.153.6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-6.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
3    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
6    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
7    52.213.192.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-192-203.eu-west-1.compute.amazonaws.com
match.360yield.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
4    138.201.63.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de
hal90005.redintelligence.net
1    91.228.74.168 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    172.105.220.23 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1874-23.members.linode.com
a.c.appier.net
2    52.29.13.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-13-21.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    44.195.95.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-95-27.compute-1.amazonaws.com
fksnk.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    13.32.121.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-122.fra60.r.cloudfront.net
live.primis.tech
2    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    52.70.105.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-105-17.compute-1.amazonaws.com
sync.ipredictive.com
1    3.122.6.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-6-226.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    3.73.198.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-198-115.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    64.202.112.223 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com
www.awin1.com
1    104.18.187.224 (None, )

ASN13335 (CLOUDFLARENET, US)
www.conrad.ch
1    3.124.138.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-138-165.eu-central-1.compute.amazonaws.com
t23.intelliad.de
1    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    34.255.45.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-45-246.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com
1    54.228.90.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-90-72.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
1    54.171.40.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-40-33.eu-west-1.compute.amazonaws.com
cs.minutemedia-prebid.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    18.66.97.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-81.fra56.r.cloudfront.net
usr.undertone.com
1    89.149.192.74 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
rtb-csync.smartadserver.com
1    96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
1    104.19.241.24 (None, )

ASN13335 (CLOUDFLARENET, US)
ct.conrad.ch
106    104.17.201.110 (None, )

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
1    63.251.14.3 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: 3.14.251.63.unassigned.ord.singlehop.net
ap.lijit.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    104.16.80.126 (None, )

ASN13335 (CLOUDFLARENET, US)
shared.bannerflow.com
Apex Domain
Subdomains		 Transfer
172 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 154
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
941 KB
162 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
ade.googlesyndication.com
950 KB
112 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
76 KB
106 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8923
2 MB
104 amazonaws.com
apkainterior.s3.amazonaws.com
kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1266
537 KB
89 yieldmo.com
static.yieldmo.com — Cisco Umbrella Rank: 2504
ads.yieldmo.com — Cisco Umbrella Rank: 657
matchadsrvr.yieldmo.com — Cisco Umbrella Rank: 2834
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 8174
sync-openx.ads.yieldmo.com — Cisco Umbrella Rank: 6512
sync-beeswax.ads.yieldmo.com — Cisco Umbrella Rank: 6674
sync-adform.ads.yieldmo.com — Cisco Umbrella Rank: 9588
sync-iqzone.ads.yieldmo.com — Cisco Umbrella Rank: 7074
sync-eq.ads.yieldmo.com — Cisco Umbrella Rank: 6874
1 MB
69 rubiconproject.com
beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 11698
token.rubiconproject.com — Cisco Umbrella Rank: 458
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10151
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
eus.rubiconproject.com — Cisco Umbrella Rank: 602
95 KB
29 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
790 KB
27 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
track.adform.net — Cisco Umbrella Rank: 4256
s1.adform.net — Cisco Umbrella Rank: 9253
159 KB
21 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
389 KB
17 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
1 MB
15 google.com
www.google.com — Cisco Umbrella Rank: 2
38 KB
14 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656 Failed
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
eu-u.openx.net — Cisco Umbrella Rank: 2753
us-u.openx.net — Cisco Umbrella Rank: 522
u.openx.net — Cisco Umbrella Rank: 659
rtb.openx.net — Cisco Umbrella Rank: 695
2 KB
12 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1459 Failed
3 KB
12 xano.io
xeqe-t3lw-i7hv.n7.xano.io
22 KB
11 folkd.com
www.folkd.com
folkd.com
16 KB
10 monu.delivery
monu.delivery — Cisco Umbrella Rank: 26382
imps.monu.delivery — Cisco Umbrella Rank: 31634
183 KB
9 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
image6.pubmatic.com — Cisco Umbrella Rank: 823
3 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
7 KB
8 dotomi.com
yieldmo-match.dotomi.com — Cisco Umbrella Rank: 6405
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
rubicon-match.dotomi.com — Cisco Umbrella Rank: 2310
3 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
3 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
6 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 827
u.clarity.ms — Cisco Umbrella Rank: 7536
c.clarity.ms — Cisco Umbrella Rank: 1405
28 KB
7 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2249
3 KB
7 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal90005.redintelligence.net — Cisco Umbrella Rank: 236095
46 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
4 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1287
q.stripe.com — Cisco Umbrella Rank: 7148
m.stripe.com — Cisco Umbrella Rank: 1249
158 KB
7 bubbleapps.io
folkd0612.bubbleapps.io
1 MB
6 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
3 KB
6 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5085
1 KB
6 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
4 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
889 B
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
dis.criteo.com — Cisco Umbrella Rank: 597
8 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
storage.googleapis.com — Cisco Umbrella Rank: 409
470 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
3 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
4 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
1 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
1 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
1 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
2 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
36 KB
4 bubble.io
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
188 KB
3 bannerflow.com
shared.bannerflow.com — Cisco Umbrella Rank: 481089
189 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
904 B
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
2 KB
3 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
971 B
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
3 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2858
3 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
1 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
30 KB
2 conrad.ch
www.conrad.ch
ct.conrad.ch
2 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
893 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
527 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
2 KB
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 15453
1 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1562
1 KB
2 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1279
google.partners.tremorhub.com — Cisco Umbrella Rank: 13708
809 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
638 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
id.rlcdn.com — Cisco Umbrella Rank: 728
98 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
1 KB
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 826
252 B
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
630 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
886 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
1 KB
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2401
1 KB
2 smartclip.net
ad.sxp.smartclip.net — Cisco Umbrella Rank: 4388
870 B
2 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 22807
3 KB
2 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 31114
2 KB
2 indotoursadventures.com
indotoursadventures.com
3 MB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
12 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
304 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1354
16 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1481
172 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
765 B
1 aniview.com
sync.aniview.com — Cisco Umbrella Rank: 1534
253 B
1 undertone.com
usr.undertone.com — Cisco Umbrella Rank: 1938
295 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
173 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1901
326 B
1 t13.io
s2s.t13.io — Cisco Umbrella Rank: 1873
460 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 923
73 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 1590
326 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
385 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
684 B
1 intelliad.de
t23.intelliad.de — Cisco Umbrella Rank: 143572
555 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 807
145 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1284
186 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1735
284 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
35 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
500 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
527 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
207 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
651 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4670
611 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
464 B
1 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2969
1 KB
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5683
554 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 691
266 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
500 B
1 iqzone.com
xsync.iqzone.com — Cisco Umbrella Rank: 5639
468 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 921
443 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1138
176 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
287 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4925
400 B
1 turkeyyachtrentals.com
turkeyyachtrentals.com
3 KB
1 substackcdn.com
substackcdn.com — Cisco Umbrella Rank: 17917
50 KB
1 bigacrylic.com
www.bigacrylic.com
18 KB
1 fallandfallow.com
fallandfallow.com
544 KB
1 novalabcardiac.com
www.novalabcardiac.com
6 KB
1 everlighten.com
everlighten.com
12 KB
1 kxcdn.com
alliance-11536.kxcdn.com
228 KB
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4524
474 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
80 KB
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
1054 126
Domain Requested by
112 cdn.jsdelivr.net folkd.com
folkd0612.bubbleapps.io
securepubads.g.doubleclick.net
107 cm.g.doubleclick.net 24 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
ads.yieldmo.com
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
folkd.com
106 c.bannerflow.net s0.2mdn.net
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
c.bannerflow.net
102 kinesis.us-east-1.amazonaws.com static.yieldmo.com
97 pagead2.googlesyndication.com securepubads.g.doubleclick.net
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pagead2.googlesyndication.com
folkd.com
www.googletagservices.com
tpc.googlesyndication.com
56 ads.yieldmo.com fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
folkd.com
static.yieldmo.com
ads.yieldmo.com
48 tpc.googlesyndication.com fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
folkd.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
41 pixel.rubiconproject.com 25 redirects googleads.g.doubleclick.net
folkd.com
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
34 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
folkd.com
21 s0.2mdn.net folkd.com
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
s0.2mdn.net
18 static.yieldmo.com folkd.com
srcdoc
17 www.googletagservices.com fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
folkd.com
16 csi.gstatic.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
16 googleads.g.doubleclick.net fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
folkd.com
15 token.rubiconproject.com 8 redirects fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
eus.rubiconproject.com
15 www.google.com folkd0612.bubbleapps.io
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
14 googleads4.g.doubleclick.net folkd.com
14 track.adform.net 2 redirects fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
folkd.com
s1.adform.net
12 protected-by.clarium.io folkd.com
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
12 xeqe-t3lw-i7hv.n7.xano.io 4 redirects cdn.jsdelivr.net
11 fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
10 folkd.com 1 redirects folkd.com
folkd0612.bubbleapps.io
9 matchadsrvr.yieldmo.com static.yieldmo.com
8 eus.rubiconproject.com fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
eus.rubiconproject.com
8 s1.adform.net folkd.com
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
7 match.360yield.com 7 redirects
7 sync.1rx.io 7 redirects
7 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
folkd.com
7 fonts.gstatic.com fonts.googleapis.com
www.google.com
7 folkd0612.bubbleapps.io folkd.com
folkd0612.bubbleapps.io
6 ade.googlesyndication.com
6 an.yandex.ru 4 redirects fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
6 match.adsrvr.org google-bidout-d.openx.net
googleads.g.doubleclick.net
ads.yieldmo.com
folkd.com
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
6 aax-eu.amazon-adsystem.com 2 redirects google-bidout-d.openx.net
ads.yieldmo.com
folkd.com
6 imps.monu.delivery folkd.com
6 www.gstatic.com www.google.com
www.gstatic.com
5 b1sync.zemanta.com 5 redirects
5 x.bidswitch.net 5 redirects
5 ups.analytics.yahoo.com 5 redirects
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 us-u.openx.net 2 redirects google-bidout-d.openx.net
googleads.g.doubleclick.net
5 c1.adform.net 5 redirects
4 dclk-match.dotomi.com 4 redirects
4 hal90005.redintelligence.net 1 redirects fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
folkd.com
hal90005.redintelligence.net
4 eb2.3lift.com 4 redirects
4 trace.mediago.io 4 redirects
4 rtb.openx.net 4 redirects
4 d5p.de17a.com 4 redirects
4 sync.teads.tv 2 redirects googleads.g.doubleclick.net
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
4 dis.criteo.com 4 redirects
4 sync.targeting.unrulymedia.com 4 redirects
4 storage.googleapis.com folkd.com
4 u.clarity.ms www.clarity.ms
4 1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io folkd.com
folkd0612.bubbleapps.io
4 monu.delivery folkd.com
monu.delivery
3 shared.bannerflow.com c.bannerflow.net
3 sync-tm.everesttech.net 3 redirects
3 www.awin1.com 2 redirects folkd.com
3 t.adx.opera.com 3 redirects
3 onetag-sys.com 2 redirects fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
3 s.tribalfusion.com fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
3 a.tribalfusion.com 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 um.simpli.fi 3 redirects
3 analytics.pangle-ads.com 3 redirects
3 hal9000.redintelligence.net folkd.com
hal90005.redintelligence.net
3 match.prod.bidr.io 3 redirects
3 pr-bh.ybp.yahoo.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 image2.pubmatic.com 1 redirects googleads.g.doubleclick.net
3 image8.pubmatic.com 3 redirects
3 pixel.tapad.com 1 redirects ads.yieldmo.com
folkd.com
3 beacon-fra2.rubiconproject.com fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
3 id5-sync.com cdn.id5-sync.com
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
3 q.stripe.com folkd.com
3 js.stripe.com folkd.com
js.stripe.com
3 cdnjs.cloudflare.com folkd.com
2 c.clarity.ms 1 redirects
2 rubicon-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 secure.adnxs.com 2 redirects
2 capi.connatix.com 1 redirects folkd.com
2 ce.lijit.com 1 redirects folkd.com
2 s.amazon-adsystem.com 1 redirects folkd.com
2 pm.w55c.net 2 redirects
2 a.c.appier.net 2 redirects
2 sync.inmobi.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 ssbsync.smartadserver.com 2 redirects
2 csync.loopme.me 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 bttrack.com ads.yieldmo.com
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
2 yieldmo-match.dotomi.com 2 redirects
2 hb.yahoo.net ads.yieldmo.com
folkd.com
2 ad.turn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 ad.sxp.smartclip.net 1 redirects googleads.g.doubleclick.net
2 cm.adsafety.net 2 redirects
2 ads.smartstream.tv 2 redirects
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 google-bidout-d.openx.net 1 redirects oa.openxcdn.net
2 indotoursadventures.com folkd.com
2 apkainterior.s3.amazonaws.com folkd.com
2 region1.google-analytics.com www.googletagmanager.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 cdn.confiant-integrations.net monu.delivery
cdn.confiant-integrations.net
2 www.clarity.ms folkd.com
www.clarity.ms
2 fonts.googleapis.com folkd0612.bubbleapps.io
hal90005.redintelligence.net
1 c.bing.com 1 redirects
1 ap.lijit.com 1 redirects
1 ct.conrad.ch hal90005.redintelligence.net
1 sync.aniview.com folkd.com
1 rtb-csync.smartadserver.com folkd.com
1 usr.undertone.com folkd.com
1 tr.blismedia.com folkd.com
1 cm.adgrx.com folkd.com
1 cs.minutemedia-prebid.com folkd.com
1 s2s.t13.io folkd.com
1 ssc-cms.33across.com folkd.com
1 cs.yellowblue.io folkd.com
1 visitor.omnitagjs.com folkd.com
1 ums.acuityplatform.com 1 redirects
1 t23.intelliad.de fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
1 www.conrad.ch folkd.com
1 sync.outbrain.com folkd.com
1 match.deepintent.com fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
1 exchange.mediavine.com folkd.com
1 id.rlcdn.com fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
1 s.seedtag.com folkd.com
1 match.sharethrough.com folkd.com
1 sync.ipredictive.com 1 redirects
1 live.primis.tech folkd.com
1 prebid.a-mo.net folkd.com
1 px.ads.linkedin.com folkd.com
1 fksnk.com 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 cms.quantserve.com fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
1 a.rfihub.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 ad.doubleclick.net fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 sync-eq.ads.yieldmo.com ads.yieldmo.com
1 contextual.media.net 1 redirects
1 aa.agkn.com ads.yieldmo.com
1 sync-iqzone.ads.yieldmo.com ads.yieldmo.com
1 xsync.iqzone.com 1 redirects
1 idsync.rlcdn.com ads.yieldmo.com
1 sync-adform.ads.yieldmo.com ads.yieldmo.com
1 stags.bluekai.com ads.yieldmo.com
1 sync-beeswax.ads.yieldmo.com ads.yieldmo.com
1 cs.admanmedia.com ads.yieldmo.com
1 rtb.adentifi.com ads.yieldmo.com
1 sync-openx.ads.yieldmo.com ads.yieldmo.com
1 u.openx.net 1 redirects
1 sync-pm.ads.yieldmo.com ads.yieldmo.com
1 image4.pubmatic.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 beacon-ams3.rubiconproject.com fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
1 ad.yieldlab.net googleads.g.doubleclick.net
1 eu-u.openx.net google-bidout-d.openx.net
1 turkeyyachtrentals.com folkd.com
1 substackcdn.com folkd.com
1 www.bigacrylic.com folkd.com
1 fallandfallow.com folkd.com
1 www.novalabcardiac.com folkd.com
1 everlighten.com folkd.com
1 alliance-11536.kxcdn.com folkd.com
1 esp.rtbhouse.com folkd.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 oajs.openx.net folkd.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 m.stripe.com m.stripe.network
1 www.googletagmanager.com folkd.com
1 www.folkd.com 1 redirects
0 sync-dmp.aura-dsp.com Failed fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
1054 182
Subject Issuer Validity Valid
folkd.com
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-05 -
2024-05-04		 a year crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2023-02-23 -
2024-03-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
*.n7.xano.io
R3		 2023-10-04 -
2024-01-02		 3 months crt.sh
bubble.io
Cloudflare Inc ECC CA-3		 2023-11-16 -
2024-11-15		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-09-20 -
2023-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh
imps.monu.delivery
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.kxcdn.com
Thawte TLS RSA CA G1		 2023-06-23 -
2024-07-23		 a year crt.sh
everlighten.com
R3		 2023-09-27 -
2023-12-26		 3 months crt.sh
indotoursadventures.com
cPanel, Inc. Certification Authority		 2023-10-26 -
2024-01-24		 3 months crt.sh
novalabcardiac.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-09		 a year crt.sh
fallandfallow.com
cPanel, Inc. Certification Authority		 2023-10-04 -
2024-01-02		 3 months crt.sh
bigacrylic.com
cPanel, Inc. Certification Authority		 2023-09-18 -
2023-12-17		 3 months crt.sh
substackcdn.com
Amazon RSA 2048 M02		 2023-03-14 -
2024-04-12		 a year crt.sh
turkeyyachtrentals.com
GTS CA 1P5		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M03		 2023-11-16 -
2024-12-15		 a year crt.sh
static.yieldmo.com
Amazon RSA 2048 M02		 2023-05-21 -
2024-06-18		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
kinesis.us-east-1.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
www.conrad.ch
Cloudflare Inc ECC CA-3		 2023-03-17 -
2024-03-16		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.intelliad.de
Thawte TLS RSA CA G1		 2023-07-31 -
2024-08-30		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh

This page contains 104 frames:

Primary Page: https://folkd.com/
Frame ID: 07B1C3871D3DBEF4870B800B565A12A3
Requests: 218 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: FF08F08EF2F92003A3B7147CCD83EDAE
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A0AEE293F5996458C0C35635F78D6D64
Requests: 4 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 82B195F84F1DBDFB94B22B3F528084D6
Requests: 1 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72A56E067BDA0E83FF09C11EF1FC75AA
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: E7D259D9F0ACC953399174DEAFA4FDA0
Requests: 6 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B063107715CB88B99CD2AD78AA1C221C
Requests: 44 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Frame ID: 9246FAEC8F0A3BC5F4E765CBC6C2258D
Requests: 2 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DEB4B22559A3ED1AD134E93576F34D27
Requests: 36 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FD3AB67478B054C0ED74A30F1DBD3EA5
Requests: 36 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F7F0B45352DA307659AA16E6453ECC48
Requests: 36 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60639071416248A6ED0B55E17913D9F7
Requests: 33 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C9B33A583E53EAA834808AB973F07304
Requests: 36 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 63919D54B595784922AAB45C4E974195
Requests: 36 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C48ED41B18097A943AC2B32A79060C50
Requests: 21 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A7408E1CD88D1F828B673EB206BFDF36
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUhp3iJKyaK9BHAqRIe5CrQy8Aj0QgRknqoO111E4GaqlEz1kn_bCkgyrSV3mbFl5kQ5jrnkWTUScH9VxVQCSYzf7O29G-Kg9C1f0U0dcS_MHRC1aU
Frame ID: 69D34E603E5AD95B5799CC4A29C117AD
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUGUV6SeJ9kA3MLnFNWJNzA2QZE1I2vvaTxEKLKPC057OMRtu786wMLrnse4hV5zSH59VHtbKqpMgO2rC3sKpbpsQTEl7V3bRFj4wAoaqtLraw8_H0
Frame ID: 77730F6391AE0A31DCB878AF0FACCDAC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNWLqJOKGvxTVVncG64Er8BsAlgkyLnw_mjbNgOXuakI4bxPlviphAQqlDR1GGNxxmKEAqlSazHLn7VNvPaAUgjZalr5uDbGhwqLf8ENO5puFLOLC2g
Frame ID: EEE02963B6097F404056AD36810DF953
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUvhgIRcDireww9JybqCUQbz5hFKCh_FzGk9fetEg85grXXy-L7Bxanwx4qj0I353TyPWEMmBOCtEavFYLcSNBqLtpa0BLJ6Z8aGszfdRH1l8Jk7Uk
Frame ID: 93FAD8BAF408C3AC37EC06A7F31DBA33
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNXDMjfm7qx0706so6P1faVquYfujxA2gQP12GrWiJmRKHScFMprymUE_xigDnGLWSqUv6M0EHZePF7jywAJIMi4P_5M3xEoYp_WXAW6qNf8gOgH5W4
Frame ID: A143F6C7A2E0143C5173ADFB275353A2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXFQzo8fe-9aiSKUxQS03VldIi5qQKspew5UQfEQZDGBZD2reM7xQkZW47vZ5vdNabEdBOwH8fYWMkPGVuQbedIZnFIow
Frame ID: 1F4A443CB51A9AF41CDAF7C4FEA0948C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJriivoBMAE&v=APEucNUVoi76mDDHo7QFi9cpSC19AGpTaKbBt7YyINgdNNH9iT3AdjA1pZ5TwaSiuHNtyFGqoqTivuqv73ddUDxxqsM-g3FAp0dwdxh0gKsHtvohmCRGh0E
Frame ID: 0E41EA09ECD517D354E977A29C4085BA
Requests: 4 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 22BE9DE078179B8A5C6DDC9C9D8071DA
Requests: 32 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: DA06A228C3201B9590476F8AEDCAF333
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: C68C4DC5352E210CDA685DBA31B2A1AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 4D35DA4D7A8B4D1B07B4B61476720650
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: F81DD381ACEC81E34E6C928E4E5BBBD4
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 25B96918CC0865622622E99262CEB994
Requests: 1 HTTP requests in this frame

Frame: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AFD5B13EB7C6EA54A4C115ACEA9CAC74
Requests: 52 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 99D5BB0FC4A798D4D3B76F6C5CC3717F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJriivoBMAE&v=APEucNU5b0Zee4cCYWyJcTJdx8lPvTEikcnR3fP5eTnJONaTD__xy3EpUTUKWy6GgJ65RUMzLt2N7SOy6_9ifPUcK_1O_BZItwyiIWuUyD1QgWywiN7HO6I
Frame ID: 7A56C54568E718990D7999D14465613A
Requests: 4 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: D8D7830B42250F957FC80176974516E3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 96BEF52B4BEC981519D798CBC760FBCF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 89BCEC39C5098B891F63D1783EF2DEE6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F72D60F38EF33C024737C6ACBEBBFBDA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F05A461D0EA931C8E9236F899AE2B6FB
Requests: 9 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: B8EE80C55BC339F3E81F58DBE9FAA707
Requests: 1 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: EEAEB1320DE0A9B024EEB166909ABE8B
Requests: 1 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: 8465CBD098EDB24E3A4141E23C5571D9
Requests: 1 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: 7DE7A4E24ADB455EC6E5545680F45BDF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A791BEE1E6981C75943AC4F6038B3798
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Frame ID: DCD409E86C4EF53A95FEDA8D304A8B11
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C1ADB92151CCBDB38924C1FB2F98DB0
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Frame ID: B13B14E2A1E4CA85808935DD6EC1D92A
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1B3F5F1CE90B6391AA7B744C3BB979B0
Requests: 9 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 5E394A6AFD3171CEA96C5742D128BD7C
Requests: 1 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: 08C9F3035879ECB921A8634009CCF0EC
Requests: 1 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: 8CF3E229CAD15BE4B8C75C99A0A9B28D
Requests: 1 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: E5BB348B6D045411340083B23282CB85
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Frame ID: C981411AB7B2F54CCB7A92AB0F1CC3C6
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 37BA49DA3F76122A3105E326E24E4D1F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1CC5605C42839435B1FBB642A8D287DA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DA2A8F670D2F29DBD5EFABF9D6ABEB97
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 05D4C975355E733D2B3D2DC9205AB882
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 43972A04933586E7AE5ACF5C3AE0E128
Requests: 3 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: 3DC7AA365B730DCC772AF61A8DF693BF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E400147F7C126FE4A01B04029C58B8A5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B2FCDDBC359CD2F8C3C4A789A5B79D99
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A49FE18569986AD56851C4232BDD24C9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Frame ID: 18B0C40C241CE1AFCD6765C48BDA5410
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 160640B4FE75F0BFC03783FA03325236
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12403473053583933440/CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html?ev=01_250
Frame ID: F0B89697BA365B442F9B88A1DFC9F730
Requests: 9 HTTP requests in this frame

Frame: https://static.yieldmo.com/images/ad-choices.svg
Frame ID: 9EEE83383DFAF9B56C101B094B2CE91E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=ad3usnoadv8t
Frame ID: 6CDB04F752F9B979A354534F170C5B28
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4861987547447820288/CH_DE_Price_Gold-1-ENCH-728x90-638330544809535212-9013d0e8-9e15-487f-a049-f6d6eac29397.html?ev=01_250
Frame ID: FB585BF92D69C62987F9EBBAFA6116ED
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18180890864186818560/CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html?ev=01_250
Frame ID: 017ED4F0857B872DC3A483F8C1B628FB
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12403473053583933440/CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html?ev=01_250
Frame ID: 20F0B8116AD493653365AC0827840CDC
Requests: 9 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2135726/13004046/13004046.js?ADFassetID=13004046&bv=257
Frame ID: F44B133456F4F5F4FE0CC392A596FC8C
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18180890864186818560/CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html?ev=01_250
Frame ID: 5DA7E81A43BA342AAB8B4EAB14FDB335
Requests: 9 HTTP requests in this frame

Frame: https://www.conrad.ch/ztpv.php?awc=11467_414915_1700299596_920ddac0-85f4-11ee-819e-22341370d01f&insert=AW&gdpr=&gdpr_consent=
Frame ID: D77248BFD442B429FF1D7A1D20D768E5
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=20504700034430604438266012512005&pv=1
Frame ID: AF6CAC8DE09A9270A818B893D78AB46D
Requests: 1 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=20504700034430604438266012512005&a=63a9d708
Frame ID: D130E54F1BDEECD0E9E9B06C8F40269C
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17177723152520708096/CH-EN_CFD_Price-1-Singapore-728x90-638326037557461764-6116462f-2685-4f3a-a48c-89017f79f1b9.html?ev=01_250
Frame ID: F02C118C131CD5E28872FFFC16118218
Requests: 8 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2135726/13004046/13004046.js?ADFassetID=13004046&bv=257
Frame ID: 408C28D54DA3960DE882652B0B8EAE69
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7E2EB054D11E5445F180C75F77F65FC8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F0DA5D346FE74727FC9DD42FD307CB42
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/878616523147575296/CH-EN_Options_Core_Messaging-1-Global-300x600-638325444140859338-7a0e12a8-cfa6-4117-9cfc-18a44ed9c9bc.html?ev=01_250
Frame ID: 0461543002EDFCCE0F942AC6DC56CDB7
Requests: 9 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/538c0772-f28f-4a0b-97dc-fbd24e1b526f
Frame ID: 5EA871A9E002C7A4EA08F368EE08F932
Requests: 1 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/ec737c6a-25e6-497a-9ded-1c43e15642eb
Frame ID: 4269AD8C99CFED6FDB82B7A0B5F003A6
Requests: 1 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/d9fabcc9-497e-4a1e-ab01-51c3e643d516
Frame ID: 4FCB29D047AA56A66AAF928D3AD60173
Requests: 1 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/be2980ce-4959-43dd-8d2a-9d85ab138665
Frame ID: 456F52EE4E2D8C3E018D6F15FF8BAB20
Requests: 1 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/1a71cb57-d036-48f2-9b53-f1df80473e63
Frame ID: 6D81328CE3A444CB3C4546EB08AB8494
Requests: 1 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/a2b52c81-bf12-49b5-87a1-55bc9f7af3b6
Frame ID: 5A78F8BC780679387C922627A5904E58
Requests: 1 HTTP requests in this frame

Frame: blob://https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/b6137fc8-12d7-4db3-97ab-4d47eadd977f
Frame ID: 79809275B9C5E09375B64977A4BF76EF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI
Frame ID: 26C7EE21695A21102AA65D0E56E1CAFA
Requests: 3 HTTP requests in this frame

Frame: blob://https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/7046f908-de65-4872-8fc8-2c26315ccfd4
Frame ID: BB5A3C4BB7D41C2FE551B4E69CBBDB5B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9F1B92E68153AC210768559F141259A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5FFDA41F4CB52221A1256C74140BD3A5
Requests: 2 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/1e783f53-b502-4586-9ae1-007c7c9f4817
Frame ID: 57EA691808C0991D23A7D3BFF98DDF30
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/021777fe-341b-416a-97a2-eb2576dc6474.svg
Frame ID: F5AF3414CE548883E093E23E58E10AB5
Requests: 7 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Frame ID: BB69B1F28930FE202E046C6FB1E70A0D
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Frame ID: 34FC71CAAB9D8C5FB698BA0ABB3003F8
Requests: 5 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Frame ID: 24DE1C353BF4C8ABC2842C3CABED4CBD
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Frame ID: 5543F47A121BEE0B1EEF26C2DD303EB3
Requests: 5 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: 854910469E0CDB29B42A907F69CC9001
Requests: 1 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: B702724D4D470C21AFA0026DB1DDEE4E
Requests: 1 HTTP requests in this frame

Frame: https://shared.bannerflow.com/libs/lottie/lottie.min.js
Frame ID: 01FC35701339F81D34805D115AFCFEAF
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Frame ID: 2762F835AF430B2C46E68E02CE7D89CE
Requests: 5 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F9f0ed779-182e-4c28-adce-8e9c63d05cba.png&w=218&h=226&q=99&f=webp&rt=contain
Frame ID: AFAC39710C93056EE9C969FC24688607
Requests: 5 HTTP requests in this frame

Frame: https://c.bannerflow.net/bf-videos/6305e2467f19035908ad8e22/Saxo_AO_FX_Mobile_6Screens_1-595dffe281e44ac59f6b6cbf6e90b15a.webm
Frame ID: E4A5F197D1C555E8B6050793E1F65FED
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F99778680-4e27-4687-a836-22e7b38772e6.png&w=728&h=90&q=85&f=webp&rt=cover&x1=0&y1=512&x2=3164&y2=903
Frame ID: D4B2906DD2A7F4744320B736C6025EF7
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/bf-videos/6305e2467f19035908ad8e22/Saxo_AO_FX_Mobile_6Screens_1-595dffe281e44ac59f6b6cbf6e90b15a.webm
Frame ID: A5EFB2A7306C8F9F467FD69C5DA66042
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F99778680-4e27-4687-a836-22e7b38772e6.png&w=728&h=90&q=85&f=webp&rt=cover&x1=0&y1=512&x2=3164&y2=903
Frame ID: 10B3A0608A5171CAFDFBC8B72B0742C1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Folkd | Home

Page URL History Show full URLs

  1. https://www.folkd.com/submit/msglomi.com/bbs/board.php?bo_table=shoparea&state1=%EC%84%9C%EC%9A%B8... HTTP 307
    https://folkd.com/submit/msglomi.com/bbs/board.php?bo_table=shoparea&state1=%EC%84%9C%EC%9A%B8... HTTP 301
    https://folkd.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

1054
Requests

83 %
HTTPS

0 %
IPv6

126
Domains

182
Subdomains

120
IPs

15
Countries

15227 kB
Transfer

36770 kB
Size

177
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.folkd.com/submit/msglomi.com/bbs/board.php?bo_table=shoparea&state1=%EC%84%9C%EC%9A%B8&state2=%EC%84%B1%EB%B6%81/ HTTP 307
    https://folkd.com/submit/msglomi.com/bbs/board.php?bo_table=shoparea&state1=%EC%84%9C%EC%9A%B8&state2=%EC%84%B1%EB%B6%81/ HTTP 301
    https://folkd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/m1QSTiARpsIqLV2hv8UT1QvWcu8/XgYFfQ../Alliance+Logo.png HTTP 303
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/m1QSTiARpsIqLV2hv8UT1QvWcu8/XgYFfQ../Alliance%20Logo.png
Request Chain 113
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/SIS_C_cghKTIufXnH2iHKIozqzk/mAPCew../imgpsh_fullsize_anim+%2840%29.jpg HTTP 303
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/SIS_C_cghKTIufXnH2iHKIozqzk/mAPCew../imgpsh_fullsize_anim%20%2840%29.jpg
Request Chain 123
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_XBg19V66Ye09gUMGf4BI0Z9lWo/tFityw../Cardiac+logo2.png HTTP 303
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_XBg19V66Ye09gUMGf4BI0Z9lWo/tFityw../Cardiac%20logo2.png
Request Chain 130
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_Z2XjDaDMcbWLJ0DTTmEooBDNYU/-hYzXA../Logo.png HTTP 303
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_Z2XjDaDMcbWLJ0DTTmEooBDNYU/-hYzXA../Logo.png
Request Chain 209
  • https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
  • https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Request Chain 214
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216836833839915637
Request Chain 215
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=137abedb-edf6-8c61-8fa4-c53f19d55588 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=137abedb-edf6-8c61-8fa4-c53f19d55588&dcc=t
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEED6INo9-3DJ-dWeBXvuZx0&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEED6INo9-3DJ-dWeBXvuZx0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=70c99497079bc5780b34933ab779e2bb&uid=70c99497079bc5780b34933ab779e2bb&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEED6INo9-3DJ-dWeBXvuZx0&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEED6INo9-3DJ-dWeBXvuZx0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=70c99497079bc5780b34933ab779e2bb&uid=70c99497079bc5780b34933ab779e2bb&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEEo6ERVL2ClrvEeYd1EMHV4&gdpr=0&google_cver=1 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEEo6ERVL2ClrvEeYd1EMHV4&gdpr=0&google_cver=1&ang_testid=1
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEHQ9KRGYAgPpDbxWcssOSeI&google_cver=1&gdpr=0
Request Chain 406
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEBisJp95zxnqMOPTj0tpo3o&gdpr=0&google_cver=1
Request Chain 407
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=b19jbWMtTXNBTnc
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHZzm7sfcsJPoxFrphqC5k&google_cver=1&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHZzm7sfcsJPoxFrphqC5k&google_cver=1&gdpr=0&C=1
Request Chain 409
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZViDSBAZuaAbVWgtJXAc-QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHZzm7sfcsJPoxFrphqC5k&google_cver=1
Request Chain 410
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=FJM5RlkxxPgD&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Request Chain 411
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fuserid%3D%24UID%26pn_id%3Dan HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=7815611394653132251&pn_id=an
Request Chain 412
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3F7MnYYKKoY4yLG5eaIH HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3F7MnYYKKoY4yLG5eaIH
Request Chain 413
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LP3UH1V1-21-638U
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFCO-CToApRkAG5HCqeWnZo&google_cver=1
Request Chain 417
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1700299592910 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=161011386 HTTP 302
  • https://sync.1rx.io/usersync/turn/7427790401613152250?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003
Request Chain 418
  • https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3F7MnYYKKoY4yLG5eaIH&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3F7MnYYKKoY4yLG5eaIH&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3F7MnYYKKoY4yLG5eaIH&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1EQjBNY2FKRTJ1R3h2Sm5JMGJXR29IVjZLT3NabHZ0Ln5B&ovsid=3F7MnYYKKoY4yLG5eaIH&dpid=58259
Request Chain 420
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzc5MzE2OTAtQUZFRC00OTcyLThFOTUtMDM1NzQzMkRGNDAz&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D37931690-AFED-4972-8E95-0357432DF403%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=37931690-AFED-4972-8E95-0357432DF403&gdpr=0&gdpr_consent=
Request Chain 421
  • https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=3f3b5356-533f-4497-a176-93f407a9c77d
Request Chain 422
  • https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D HTTP 302
  • https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=2fa751bb-6358-0dba-12cf-5bc68d0d8bf6
Request Chain 423
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=ICU9rQacXFJ_CB5fi3yQN1LFoQQ&gdpr=&gdpr_consent=
Request Chain 425
  • https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=yieldmo&ssp_user_id=c6bdb680-a140-4ff6-91da-0f9909356df6&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-lVvx8YhE2pmAyHE.TU7h1u2jqB7uWep4OKgYCA--~A&expires=5&ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?userid=c6bdb680-a140-4ff6-91da-0f9909356df6&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 426
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=392fd97937c3165c&is_secure=true&networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAH_a2zdIOBtgMm6UK2AAAAAAA&expiration=1700385993&is_secure=true
Request Chain 429
  • https://match.prod.bidr.io/cookie-sync/mo HTTP 303
  • https://match.prod.bidr.io/cookie-sync/mo?_bee_ppp=1 HTTP 303
  • https://sync-beeswax.ads.yieldmo.com/sync?pn_id=beeswax&ext=1&id=AABcLU7KsQcAABQNiJcdwQ
Request Chain 430
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=f8528bcd-c48c-4b08-b45f-da71def8b187&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 432
  • https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=3216836833839915637
Request Chain 434
  • https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D HTTP 307
  • https://ads.yieldmo.com/sync?pn_id=loopme&id=8da16270-01e1-4ae9-a9ef-e6d3929feadd
Request Chain 435
  • https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25 HTTP 307
  • https://sync-iqzone.ads.yieldmo.com/sync?pn_id=iqzone&id=67f036af-1246-4bd1-8134-e3f3f56ed685
Request Chain 436
  • https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__ HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
Request Chain 438
  • https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA
Request Chain 440
  • https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=1294189168542668504&gdpr=0&gdpr_consent=
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDYWitnWINw5q_UD8qWYkKE&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEDYWitnWINw5q_UD8qWYkKE%26google_cver%3D1
Request Chain 442
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgxNTYxMTM5NDY1MzEzMjI1MQ%3D%3D
Request Chain 443
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMbXU6sbdZfdGYRDnzzzEnU&google_cver=1
Request Chain 444
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWI4NzliMTFhOGRmMzJhZjUwMGM3NGIxODdmMDA1MGFkMjIyYTgzNg&gdpr=0
Request Chain 445
  • https://x.bidswitch.net/syncd?dsp_id=16&user_group=1&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=16&user_group=1&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=YzZiZGI2ODAtYTE0MC00ZmY2LTkxZGEtMGY5OTA5MzU2ZGY2
Request Chain 446
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1&gdpr=0
Request Chain 447
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjdjMzExNmMtMzgyYi02OTNmLTVhNGEtMWQxMWJiMDQ1MDA4
Request Chain 448
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1
Request Chain 449
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjdjMzExNmMtMzgyYi02OTNmLTVhNGEtMWQxMWJiMDQ1MDA4
Request Chain 450
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOqBnbxCNY9tKTgQCqfAM-4&google_cver=1
Request Chain 451
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmU0MzM4ZjAtMzIzNi00ZjA1LWEyNTgtNTMwMDg3ZjUwNjIx
Request Chain 540
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESEPQI7RhhaJHuf_tinkwX-uw&google_cver=1
Request Chain 541
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&gdpr=0&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzc5MzE2OTAtQUZFRC00OTcyLThFOTUtMDM1NzQzMkRGNDAz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 542
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEGm5rVnV3awTQ2zO-Trmu5E&google_cver=1&gdpr=0
Request Chain 595
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENBEHDh0raE0Y77ecHs4djE&google_cver=1&google_push=AXcoOmTy1qLBjsdcLC3RETYz4X_74DnMoCUeC8CrpP3gHshQh0G1ISCGQoPjeEVEp3q2UkYUBWSWm2-Bnu2r9BRs8LmZmfjIPugifw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESENBEHDh0raE0Y77ecHs4djE&google_cver=1&google_push=AXcoOmTy1qLBjsdcLC3RETYz4X_74DnMoCUeC8CrpP3gHshQh0G1ISCGQoPjeEVEp3q2UkYUBWSWm2-Bnu2r9BRs8LmZmfjIPugifw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTy1qLBjsdcLC3RETYz4X_74DnMoCUeC8CrpP3gHshQh0G1ISCGQoPjeEVEp3q2UkYUBWSWm2-Bnu2r9BRs8LmZmfjIPugifw
Request Chain 596
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMmFmAcRjOzs6nRuw_7GY58&google_cver=1&google_push=AXcoOmQqD8CXMUKgv7YhDIJIFt_RxWL5FL6QpzXSnvnIUnD6Xy2OjynZKVFoQF07lNnZJw3TMHdz3GCPxniEc3PPEGZ-pqpLoWG7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQqD8CXMUKgv7YhDIJIFt_RxWL5FL6QpzXSnvnIUnD6Xy2OjynZKVFoQF07lNnZJw3TMHdz3GCPxniEc3PPEGZ-pqpLoWG7&google_hm=lPpImljajrWp3gsfov-k0g==
Request Chain 597
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKtHDjLbEaYfQ-uknYEcsx0&google_cver=1&google_push=AXcoOmTCWCcsnuRin-SBSnDDOV_jlPE3lqv_70yZi3tqB1WukfAhpFUbwxAh98dEn2WrAz6zgS4aGAnHIDScPWh-lORwpBCJuT53 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKtHDjLbEaYfQ-uknYEcsx0&google_push=AXcoOmTCWCcsnuRin-SBSnDDOV_jlPE3lqv_70yZi3tqB1WukfAhpFUbwxAh98dEn2WrAz6zgS4aGAnHIDScPWh-lORwpBCJuT53&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTCWCcsnuRin-SBSnDDOV_jlPE3lqv_70yZi3tqB1WukfAhpFUbwxAh98dEn2WrAz6zgS4aGAnHIDScPWh-lORwpBCJuT53&google_hm=OXBzTVp5WmdXUkJxaEw2NHo5bGg=
Request Chain 598
  • https://sync.inmobi.com/gob?google_gid=CAESENXWFYm1fltxLvD4-wOG8AY&google_cver=1&google_push=AXcoOmSuD8H-O_yp4Bfo54sqFtq94XB7DKOMNAKHY7eVR1muiR9D25sPecIxBzZ52Jga1rBTtmpCdaAR8zYkd9EeOVYv_qLrCq8JAIQ HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSuD8H-O_yp4Bfo54sqFtq94XB7DKOMNAKHY7eVR1muiR9D25sPecIxBzZ52Jga1rBTtmpCdaAR8zYkd9EeOVYv_qLrCq8JAIQ
Request Chain 599
  • https://an.yandex.ru/mapuid/google/CAESEAwBoCsGQhD4qcMMpnB2LFg?ext-param=AXcoOmRhEeRCktnruh8RlzV1RajhJ1IU1bOeqHlzgDyHrNSVRDwsn_uoLbXeIJ9xJ9kpVRce265ULko8WL1AH6k5gCSZn3XXR94Tfmg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEAwBoCsGQhD4qcMMpnB2LFg?redir-setuniq=1&ext-param=AXcoOmRhEeRCktnruh8RlzV1RajhJ1IU1bOeqHlzgDyHrNSVRDwsn_uoLbXeIJ9xJ9kpVRce265ULko8WL1AH6k5gCSZn3XXR94Tfmg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAwBoCsGQhD4qcMMpnB2LFg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 600
  • https://trace.mediago.io/cs/google?google_gid=CAESEJkAPqh_G8yp9t2icYv_zqM&google_cver=1&google_push=AXcoOmRTrkD4ErB53OgvKhugLxiyd2icQZiigBkw7sNCt8zRAe0iIohFAMqMMhrXCLpnU1XYmkhiGbfTOo3Lo-HxDuzdV_LMrGIsues HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRTrkD4ErB53OgvKhugLxiyd2icQZiigBkw7sNCt8zRAe0iIohFAMqMMhrXCLpnU1XYmkhiGbfTOo3Lo-HxDuzdV_LMrGIsues&google_hm=f34e969978f0b1271f9ug100lp3uh84f
Request Chain 601
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEHl7i_e6y5Q_P3f2WwCu4jM&google_cver=1&google_push=AXcoOmTr9NvG_AdwO3zEEwXwxeT5e4krWq9wWEsI320CRGzb1X35hBXc2M7qusxd6Cxf5T489kmVUID-XJxeX3ROS0XBbysSWaUUFvI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTr9NvG_AdwO3zEEwXwxeT5e4krWq9wWEsI320CRGzb1X35hBXc2M7qusxd6Cxf5T489kmVUID-XJxeX3ROS0XBbysSWaUUFvI
Request Chain 612
  • https://um.simpli.fi/gp_match?google_gid=CAESEMmrQp7-zv3swZlqEfALbaA&google_cver=1&google_push=AXcoOmQ_3qPe7EIdr1dyBAyFBgm4X5QdH4hM8ABf0tIyOpehHO9Ig7g4IQTS0VJ3-EJOu6uFlOoN3ovNJz11XFgZSZ4Vc6Khk8w1gw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C18D828AD01465CA9B4276E35A499E0&google_push=AXcoOmQ_3qPe7EIdr1dyBAyFBgm4X5QdH4hM8ABf0tIyOpehHO9Ig7g4IQTS0VJ3-EJOu6uFlOoN3ovNJz11XFgZSZ4Vc6Khk8w1gw
Request Chain 613
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENEry3vG7MJ-T22lr76Irqw&google_cver=1&google_push=AXcoOmQghKHo2X2YPAkZq7NfaX6rHk8csCnQJ5YHW93OrzPvtv930L9DH1cIa2sEfXTEmiT_h0TC1PRnb89VhgvO2P61CvVLZXSo7Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg0MA%3D%3D&google_push=AXcoOmQghKHo2X2YPAkZq7NfaX6rHk8csCnQJ5YHW93OrzPvtv930L9DH1cIa2sEfXTEmiT_h0TC1PRnb89VhgvO2P61CvVLZXSo7Q
Request Chain 614
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBnOi_E1_D5OxyLB1CT2Sds&google_cver=1&google_push=AXcoOmTtMHMrrYU4HdxOBVQKpJRiPkBZVgkTX55zjUxEomTLvvS5voxzj4yUxX7An9A8nXZT75oVLWftgfVaT73BJeFejvwkTAEksw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5pXDqeVBRh4WGQJrLjqeUg&google_push=AXcoOmTtMHMrrYU4HdxOBVQKpJRiPkBZVgkTX55zjUxEomTLvvS5voxzj4yUxX7An9A8nXZT75oVLWftgfVaT73BJeFejvwkTAEksw
Request Chain 615
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKtHDjLbEaYfQ-uknYEcsx0&google_cver=1&google_push=AXcoOmQ6bELOC-DdkqxcDxkkXIYS2X_i3bNYmoGZZGH2otIZRiuIo1RLDHfi6j3MUT12C_A-AXVqp2F6iD-tkTfR4xfFx0feU6FpFg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ6bELOC-DdkqxcDxkkXIYS2X_i3bNYmoGZZGH2otIZRiuIo1RLDHfi6j3MUT12C_A-AXVqp2F6iD-tkTfR4xfFx0feU6FpFg&google_hm=OXBzTVp5WmdXUkJxaEw2NHo5bGg=
Request Chain 616
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELrQsZcNwxLDzCUGvSZ5D-8&google_cver=1&google_push=AXcoOmRaYaM7IahjTjJYVgx6dcQ1KSilYNM85yXEwdOJOvs0uhmU6rvI10SBGe2UHUE9lGsyrXcK0cPXQpzyx7PsXv3BmeMi1MLB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRaYaM7IahjTjJYVgx6dcQ1KSilYNM85yXEwdOJOvs0uhmU6rvI10SBGe2UHUE9lGsyrXcK0cPXQpzyx7PsXv3BmeMi1MLB&google_hm=MTI5NDE4OTE2ODU0MjY2ODUwNA%3D%3D
Request Chain 617
  • https://trace.mediago.io/cs/google?google_gid=CAESEJkAPqh_G8yp9t2icYv_zqM&google_cver=1&google_push=AXcoOmSg4bCxYpWq9PRLaBzzUd0iXLGGlHhe0Fp3Wq3MJTVLJe3jvCtp0xw0qKaeVyk6k-Tmhi2kZ4nlsbLwcNAXtHVe3JON-F0ZG5E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSg4bCxYpWq9PRLaBzzUd0iXLGGlHhe0Fp3Wq3MJTVLJe3jvCtp0xw0qKaeVyk6k-Tmhi2kZ4nlsbLwcNAXtHVe3JON-F0ZG5E&google_hm=f34e969978f0b1271qnyuu00lp3uh84e
Request Chain 618
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEHl7i_e6y5Q_P3f2WwCu4jM&google_cver=1&google_push=AXcoOmSeMooyd5xhboKQkKLo8TSlsJefTbZzC6W0Sxj8g933xit0A1-xwPjhXwr6cWWTsWu42QeCB_rJf6YPHde1qePx1Zgk8lnXXQg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSeMooyd5xhboKQkKLo8TSlsJefTbZzC6W0Sxj8g933xit0A1-xwPjhXwr6cWWTsWu42QeCB_rJf6YPHde1qePx1Zgk8lnXXQg
Request Chain 620
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmRY2LuC3Yzgil9PCB8iYDK_ZHUzW5zLF8Mu-5HxEGfELtFgyO8Q2-NU5oC48oKvmqnzL4D8sXoek4Cmo6PSHLz6sa8Fw5io&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRY2LuC3Yzgil9PCB8iYDK_ZHUzW5zLF8Mu-5HxEGfELtFgyO8Q2-NU5oC48oKvmqnzL4D8sXoek4Cmo6PSHLz6sa8Fw5io%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmRY2LuC3Yzgil9PCB8iYDK_ZHUzW5zLF8Mu-5HxEGfELtFgyO8Q2-NU5oC48oKvmqnzL4D8sXoek4Cmo6PSHLz6sa8Fw5io&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRY2LuC3Yzgil9PCB8iYDK_ZHUzW5zLF8Mu-5HxEGfELtFgyO8Q2-NU5oC48oKvmqnzL4D8sXoek4Cmo6PSHLz6sa8Fw5io%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 621
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENEry3vG7MJ-T22lr76Irqw&google_cver=1&google_push=AXcoOmRmXzjM7wEgh0FIsuBsGn9oRwroQElY32tX0HsSgPUDGtT82wL1ngoCC1Ih6eWqVTw749Z1Q9o3w27BvLnXDY6rq6t38Jq6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg1NA%3D%3D&google_push=AXcoOmRmXzjM7wEgh0FIsuBsGn9oRwroQElY32tX0HsSgPUDGtT82wL1ngoCC1Ih6eWqVTw749Z1Q9o3w27BvLnXDY6rq6t38Jq6
Request Chain 622
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTetrn1J-_oc6dbZq0ryhVBjAnkAtEXajUbdjW5GViWf7sMUfxWjxwSHUoehVQaRzekgt6q6JZ3_4PqWcqdwQA27E13vuD0&google_gid=CAESECI1H-LSnOqYZn60U8-Nlno&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BcT7oYU1ZMb0nO4_DF1howqR-_OGylLyaxdqQA&google_push=AXcoOmTetrn1J-_oc6dbZq0ryhVBjAnkAtEXajUbdjW5GViWf7sMUfxWjxwSHUoehVQaRzekgt6q6JZ3_4PqWcqdwQA27E13vuD0
Request Chain 623
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH7T9qRbZ6NbS4WVr7Z_Z6s&google_cver=1&google_push=AXcoOmT2B92DAEsBrWIsERW_AoKDcMHXOxCOHl2ZhxsdybKcUv_jPJp8SVx4uKaCxxA-0exbNAJsA4rivNbAzzzAQMGmhjEC2q1p HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmT2B92DAEsBrWIsERW_AoKDcMHXOxCOHl2ZhxsdybKcUv_jPJp8SVx4uKaCxxA-0exbNAJsA4rivNbAzzzAQMGmhjEC2q1p&google_gid=CAESEH7T9qRbZ6NbS4WVr7Z_Z6s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc4ODA2MTcyMTY1MDgwNzg3NDI1NA%3D%3D&google_push=AXcoOmT2B92DAEsBrWIsERW_AoKDcMHXOxCOHl2ZhxsdybKcUv_jPJp8SVx4uKaCxxA-0exbNAJsA4rivNbAzzzAQMGmhjEC2q1p
Request Chain 624
  • https://sync.inmobi.com/gob?google_gid=CAESENXWFYm1fltxLvD4-wOG8AY&google_cver=1&google_push=AXcoOmSi74AMzkRPkTw6_38T2quzn1pOg1anLHq7t6jQoqVHgaz8-62dVCEe1if6yiv25PaeSP3gO5BAhg78iwYVigU_pWaMz_7CKA HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSi74AMzkRPkTw6_38T2quzn1pOg1anLHq7t6jQoqVHgaz8-62dVCEe1if6yiv25PaeSP3gO5BAhg78iwYVigU_pWaMz_7CKA
Request Chain 625
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFEQoz_9XDmJPa1EGVeKg-E&google_cver=1&google_push=AXcoOmQVDe9WdKlC3O4f7pfHCw2AxfawLNR8XDVhScbiA3QwLLjzghUuk45lMvTgoIUJlLyj9HHtXWNIsQdamwXOd9ff13lgTXHFvQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQVDe9WdKlC3O4f7pfHCw2AxfawLNR8XDVhScbiA3QwLLjzghUuk45lMvTgoIUJlLyj9HHtXWNIsQdamwXOd9ff13lgTXHFvQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 632
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmQJpfcWz4PbyheuPwwbDGz4RUgikdzR7khI7_ddsbdr9j_k1A481dtvXqFTZPWHn4n56A2Xylj-96PwnqjtxqtgvIIRExXNnw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJpfcWz4PbyheuPwwbDGz4RUgikdzR7khI7_ddsbdr9j_k1A481dtvXqFTZPWHn4n56A2Xylj-96PwnqjtxqtgvIIRExXNnw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmQJpfcWz4PbyheuPwwbDGz4RUgikdzR7khI7_ddsbdr9j_k1A481dtvXqFTZPWHn4n56A2Xylj-96PwnqjtxqtgvIIRExXNnw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJpfcWz4PbyheuPwwbDGz4RUgikdzR7khI7_ddsbdr9j_k1A481dtvXqFTZPWHn4n56A2Xylj-96PwnqjtxqtgvIIRExXNnw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 633
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKtHDjLbEaYfQ-uknYEcsx0&google_cver=1&google_push=AXcoOmQ92jGqAlVIq17M-5djLXAlPiXTNKuBXJrx2u2pgRoPN_mppqtQW5hhisXqnVTQPsbEadrtNWcIGTJbue2XwYgrhWg0Qhdu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ92jGqAlVIq17M-5djLXAlPiXTNKuBXJrx2u2pgRoPN_mppqtQW5hhisXqnVTQPsbEadrtNWcIGTJbue2XwYgrhWg0Qhdu&google_hm=OXBzTVp5WmdXUkJxaEw2NHo5bGg=
Request Chain 634
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESED9TrTac6SyeS88TxgPxsc0&google_cver=1&google_push=AXcoOmSRVU7d4YXVg5Fk5CdEldE4LnxIxYWzn9LXnvvSX7YkonDsIAyx1alRF57TT9QBzbqWNu3WqQ_WLHmwZ0unnXwy0KwnRktP4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N5MWkK_tSXKOlQNXQy30Aw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSRVU7d4YXVg5Fk5CdEldE4LnxIxYWzn9LXnvvSX7YkonDsIAyx1alRF57TT9QBzbqWNu3WqQ_WLHmwZ0unnXwy0KwnRktP4w
Request Chain 635
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKOoATOO-vYRYYJsibzkgdI&google_cver=1&google_push=AXcoOmTfH_NNlouMnCbhDqjxlRp-3y_603KfP4siR-0QmnNnbgk10LmZ8_hbZWi3wAYlVDFZxFyAxc9nAc0xl_5KMlFPrArBLwQy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=AXcoOmTfH_NNlouMnCbhDqjxlRp-3y_603KfP4siR-0QmnNnbgk10LmZ8_hbZWi3wAYlVDFZxFyAxc9nAc0xl_5KMlFPrArBLwQy
Request Chain 636
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB3CsfBx7sedt9MiWDg4k-Q&google_cver=1&google_push=AXcoOmQwt5eaKkputTLTSVrNADOnJGuyODIkG4bJFxt-mUeNq-gF_0V9I7mUXnttaHw6IO_O-NOFMeKLDDnD9zLRnGHzaUqPZr8E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB3CsfBx7sedt9MiWDg4k-Q&google_hm=ZViDSBAZuaAbVWgtJXAc_QAADLwAAAAB&google_nid=index&google_push=AXcoOmQwt5eaKkputTLTSVrNADOnJGuyODIkG4bJFxt-mUeNq-gF_0V9I7mUXnttaHw6IO_O-NOFMeKLDDnD9zLRnGHzaUqPZr8E
Request Chain 637
  • https://match.360yield.com/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmSZl7P0xq_Z-Unen82NwV7vEbdBouDpgYO1dLKNEpoY1CKBP1jsNwkg6vT6_Oh9VUlnw2LJurJgXUsZ0AnCFO7-xDNV31pumQ HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmSZl7P0xq_Z-Unen82NwV7vEbdBouDpgYO1dLKNEpoY1CKBP1jsNwkg6vT6_Oh9VUlnw2LJurJgXUsZ0AnCFO7-xDNV31pumQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmSZl7P0xq_Z-Unen82NwV7vEbdBouDpgYO1dLKNEpoY1CKBP1jsNwkg6vT6_Oh9VUlnw2LJurJgXUsZ0AnCFO7-xDNV31pumQ
Request Chain 638
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESELbMIsONiy57jVro2kUJ9Zc&google_cver=1&google_push=AXcoOmQNyQ3S-VSyTCJ9_2FfIxUX7yCERbWHIsm9frRCyQxjrMwleytd9SOAUJF_6j0-XfD5JynvypJ_Jz0JyflrN-M-3FNQIpiR-z0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQNyQ3S-VSyTCJ9_2FfIxUX7yCERbWHIsm9frRCyQxjrMwleytd9SOAUJF_6j0-XfD5JynvypJ_Jz0JyflrN-M-3FNQIpiR-z0&google_hm=ODk0OTcyOTU3Njc4OTgyNDc5NA==
Request Chain 647
  • https://hal90005.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=9046decd17&subid=&uid=60679d35eaea9a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUPJHRINYZYjeEI3tgAedvpbYApHB0Jtpg_WDktwP8C4QASDY1dgrYPWFyoHcBMgBCakCJmnHrA9Qsj6oAwHIA5sEqgSEAk_Q919VknfSk4xMJDnPPw_oIhF6zAQAwbbu3IfEsf-ZKafQN54Y5ecgcwZjuxnfuyetqdf_rN5bqcTJIVFMNdbex6vdErYaekmpfWNujcbviMwauLub8O-cj6oxjq7icH_16mfeQhp-Bc4xL6NMLfmWP2LjD7_2IzT9P29Qtt2KUOy-ABjglkpar_R7rMWU55E8IEe8zk_H6RQnlYvEmZ2dO8JUhTb0VzHfCyg-36oIKfVapDcfsmJS-XWxzkKFMjAQsgmemtUABZyVpdngQfMj8LqDJPIA2MCRNy8N-DRBpg4ilYxeh9TVIrNGdCPCBiUW8gAkF4PiuYcsG9UCkuCQ4TJgwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSOINEwjH_ODHnc2CAxWNNuAKHR2fBSuwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNMECdQHpAockj_sfYtw8J7O7o1wx6eYwkfbTkTNdhIC1OYdLfDCKeNe_W-tTB84KposwLBfg7vxgB%26sig%3DAOD64_2-jX5Kp5-u1R6ssr-LN4Z2fX4S9A%26client%3Dca-pub-3944954862316283%26dbm_c%3DAKAmf-BmSaBqkRkl2Krmhvon3ObJFsvvjH_k1r3FOuRLM4Q8FWY8bh-VJ8pUEAnxMylflQba6UfHP07QHm_4V5h8x3Eazn9oHVAybgkGoqQPbltLzaBmc-MHMIQ7Jfsw0ok2R2bcQSgI99J2Jggh_UgAR2Th-u3qoE5g_lNm7LAC8eSr1Mapm_I%26cry%3D1%26dbm_d%3DAKAmf-AtME_Rijpra4Cqk7jFY_9p-NPD-Vnfs6v7EqbrcRAImijtGPOACD0LueysCZVrnZbMIu5RgnGN8j036glrWRWxrpSl8Zqe4sx9hRZlFLnODAxyLvp3XNSVQIPROnOfFmq5tsPGmvDUCScmZTVqrZ2c7TEkCycFerSOawsngEBLh53EKS_VDyRq9oeLwuHbXbiu9OIHETaUv65SAHqRXvm3LbNCkCgxDSYFdHH2PW62RosfRyLIaW71g8Tw7u3c8HHAKjJsoolWiil5z_hfRdtO9CHqQc4YyIsFfDCkDKBH2SBk18vTxYnkjexxGMr4WS4S4RcuY3IClaakp1fSuvWFjbqBehKR_somPpgSNvC419yjrMDWipYSUPg_xpTcIgQkS5jJGGm7ErUYRkhffsvh4fZzdahpNVF74g6ha8UGKddq-e2MC_jqMaQfLgGbTVCG36tnb-ZFKwHrmfI_-fcvfHYcPkbkjOlm6klPIdsDMsdoMNEt3MCHYVrh0Bb1CGb5jaTh5EJh3LERl1mCwi_SogdlbP5tOCNC5ciOExaf6un3pKA%26adurl%3D&documentReferer=https%3A%2F%2Ffolkd.com%2F&ancestorOrigins=https%3A%2F%2Ffolkd.com&random=478092767399&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90005.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=9046decd17&subid=&uid=60679d35eaea9a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUPJHRINYZYjeEI3tgAedvpbYApHB0Jtpg_WDktwP8C4QASDY1dgrYPWFyoHcBMgBCakCJmnHrA9Qsj6oAwHIA5sEqgSEAk_Q919VknfSk4xMJDnPPw_oIhF6zAQAwbbu3IfEsf-ZKafQN54Y5ecgcwZjuxnfuyetqdf_rN5bqcTJIVFMNdbex6vdErYaekmpfWNujcbviMwauLub8O-cj6oxjq7icH_16mfeQhp-Bc4xL6NMLfmWP2LjD7_2IzT9P29Qtt2KUOy-ABjglkpar_R7rMWU55E8IEe8zk_H6RQnlYvEmZ2dO8JUhTb0VzHfCyg-36oIKfVapDcfsmJS-XWxzkKFMjAQsgmemtUABZyVpdngQfMj8LqDJPIA2MCRNy8N-DRBpg4ilYxeh9TVIrNGdCPCBiUW8gAkF4PiuYcsG9UCkuCQ4TJgwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSOINEwjH_ODHnc2CAxWNNuAKHR2fBSuwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNMECdQHpAockj_sfYtw8J7O7o1wx6eYwkfbTkTNdhIC1OYdLfDCKeNe_W-tTB84KposwLBfg7vxgB%26sig%3DAOD64_2-jX5Kp5-u1R6ssr-LN4Z2fX4S9A%26client%3Dca-pub-3944954862316283%26dbm_c%3DAKAmf-BmSaBqkRkl2Krmhvon3ObJFsvvjH_k1r3FOuRLM4Q8FWY8bh-VJ8pUEAnxMylflQba6UfHP07QHm_4V5h8x3Eazn9oHVAybgkGoqQPbltLzaBmc-MHMIQ7Jfsw0ok2R2bcQSgI99J2Jggh_UgAR2Th-u3qoE5g_lNm7LAC8eSr1Mapm_I%26cry%3D1%26dbm_d%3DAKAmf-AtME_Rijpra4Cqk7jFY_9p-NPD-Vnfs6v7EqbrcRAImijtGPOACD0LueysCZVrnZbMIu5RgnGN8j036glrWRWxrpSl8Zqe4sx9hRZlFLnODAxyLvp3XNSVQIPROnOfFmq5tsPGmvDUCScmZTVqrZ2c7TEkCycFerSOawsngEBLh53EKS_VDyRq9oeLwuHbXbiu9OIHETaUv65SAHqRXvm3LbNCkCgxDSYFdHH2PW62RosfRyLIaW71g8Tw7u3c8HHAKjJsoolWiil5z_hfRdtO9CHqQc4YyIsFfDCkDKBH2SBk18vTxYnkjexxGMr4WS4S4RcuY3IClaakp1fSuvWFjbqBehKR_somPpgSNvC419yjrMDWipYSUPg_xpTcIgQkS5jJGGm7ErUYRkhffsvh4fZzdahpNVF74g6ha8UGKddq-e2MC_jqMaQfLgGbTVCG36tnb-ZFKwHrmfI_-fcvfHYcPkbkjOlm6klPIdsDMsdoMNEt3MCHYVrh0Bb1CGb5jaTh5EJh3LERl1mCwi_SogdlbP5tOCNC5ciOExaf6un3pKA%26adurl%3D&documentReferer=https%3A%2F%2Ffolkd.com%2F&ancestorOrigins=https%3A%2F%2Ffolkd.com&random=478092767399&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 656
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_cver=1&google_push=AXcoOmTSq3PLzJNK_GCmB6-GYcmc21UStHrqBCbHq5x-q4uaiuk29bhIfDOoi5_-SU7y2QhCqgWpaQnJEak3Lx9zRMH-cvuk8Xi-_w HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3da9c39c83f4165c&is_secure=true&networkId=14000&version=1&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_cver=1&google_push=AXcoOmTSq3PLzJNK_GCmB6-GYcmc21UStHrqBCbHq5x-q4uaiuk29bhIfDOoi5_-SU7y2QhCqgWpaQnJEak3Lx9zRMH-cvuk8Xi-_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAISsW8clQuqwNVwwG0AAAAAAA&expiration=1700385995&google_cver=1&is_secure=true&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_push=AXcoOmTSq3PLzJNK_GCmB6-GYcmc21UStHrqBCbHq5x-q4uaiuk29bhIfDOoi5_-SU7y2QhCqgWpaQnJEak3Lx9zRMH-cvuk8Xi-_w
Request Chain 657
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSmQoSfLbsjKnz7Pb4mQOYq2seUQ_LqaN5MCO8miuAl0uUqZuP_bcJYliHj-JdLYLO3TxSzPCkXjlCkxFHW3aEB66bvUM5W4A&google_gid=CAESECI1H-LSnOqYZn60U8-Nlno&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BcT7oYU1ZMb0nO4_DF1howqR-_OGylLyaxdqQA&google_push=AXcoOmSmQoSfLbsjKnz7Pb4mQOYq2seUQ_LqaN5MCO8miuAl0uUqZuP_bcJYliHj-JdLYLO3TxSzPCkXjlCkxFHW3aEB66bvUM5W4A
Request Chain 658
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMmFmAcRjOzs6nRuw_7GY58&google_cver=1&google_push=AXcoOmQLHcUd4nXv6X9VylvBphw3N2wmiEqkf_owFu--J7hmJaM4gWXiIyo85DA22HZkVE-LZjiHuJfdWYF3OF5PW5jeqivpejbezQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQLHcUd4nXv6X9VylvBphw3N2wmiEqkf_owFu--J7hmJaM4gWXiIyo85DA22HZkVE-LZjiHuJfdWYF3OF5PW5jeqivpejbezQ&google_hm=lPpImljajrWp3gsfov-k0g==
Request Chain 659
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmS_FhHzhUmdzHrIOqdWty31auwJiK8r4j53a480UHMPbAMdiSjPCD6wLPfNp1ewbyTMn9OYF4VgikDIcHWSi5Fn-sb1SrT3oA&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVZjkxOWJiMDcyMGQ5NDU1ZmFhOGIyYmJiODY0ZGY4NWE&google_nid=opera_norway_as&google_push=AXcoOmS_FhHzhUmdzHrIOqdWty31auwJiK8r4j53a480UHMPbAMdiSjPCD6wLPfNp1ewbyTMn9OYF4VgikDIcHWSi5Fn-sb1SrT3oA
Request Chain 660
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBhLJNWQrzEePXWLWAmJfjo&google_cver=1&google_push=AXcoOmRshu_Qt8Ud5XnELPeoeBpqhu4KcPY5Y-gVHqLD_sLANxIyCyuXMrb1pIINrKiARzpDy6WHdT-jHMNJWBzRVDOwy5i7xiVtpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c6bdb680-a140-4ff6-91da-0f9909356df6&%%GOOGLE_PUSH_PAIR%%
Request Chain 661
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEHl7i_e6y5Q_P3f2WwCu4jM&google_cver=1&google_push=AXcoOmQjMMJOlLZ-MIAgAVX6G-9j4rvJ6QoN_cspcn4YB1YI1bCbtyRLlpxM2FboqKbayMRotg9XvZkYB7FTUJMxRb6P2KUNB-Lhat8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQjMMJOlLZ-MIAgAVX6G-9j4rvJ6QoN_cspcn4YB1YI1bCbtyRLlpxM2FboqKbayMRotg9XvZkYB7FTUJMxRb6P2KUNB-Lhat8
Request Chain 663
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_cver=1&google_push=AXcoOmT9lh1-TtJTV51CJ43z70LmywJfrebh_5AmSd-x6kKQsVdPx2iHJyo7s5ndFMc6EccdcRytP3xv1m7rQLlvAfM8R2KfCqid HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=35ff8a38049c183c&is_secure=true&networkId=14000&version=1&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_cver=1&google_push=AXcoOmT9lh1-TtJTV51CJ43z70LmywJfrebh_5AmSd-x6kKQsVdPx2iHJyo7s5ndFMc6EccdcRytP3xv1m7rQLlvAfM8R2KfCqid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI0iF8EVhINwNUDqKtAAAAAAA&expiration=1700385995&google_cver=1&is_secure=true&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_push=AXcoOmT9lh1-TtJTV51CJ43z70LmywJfrebh_5AmSd-x6kKQsVdPx2iHJyo7s5ndFMc6EccdcRytP3xv1m7rQLlvAfM8R2KfCqid
Request Chain 664
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMmFmAcRjOzs6nRuw_7GY58&google_cver=1&google_push=AXcoOmTSgg5MJtEEb3XIEzaKHZH5nkOVKk-AySb9_YkeFHSJW0D9J2qUkxs8vUgQ5vLVGfI0Fzuz8ff_Hiko0V0shqf1aR3oUaGb1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTSgg5MJtEEb3XIEzaKHZH5nkOVKk-AySb9_YkeFHSJW0D9J2qUkxs8vUgQ5vLVGfI0Fzuz8ff_Hiko0V0shqf1aR3oUaGb1A&google_hm=lPpImljajrWp3gsfov-k0g==
Request Chain 665
  • https://match.360yield.com/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmTiJ9UPRWXQjWp2lQfP9xMbxUzsuVeIYN_drK1R7pebUdWmZQe5npINqnUXXnKwhAlkDjzzIIYOvP9J3T_l7bT_3uhX3yj5nA HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmTiJ9UPRWXQjWp2lQfP9xMbxUzsuVeIYN_drK1R7pebUdWmZQe5npINqnUXXnKwhAlkDjzzIIYOvP9J3T_l7bT_3uhX3yj5nA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmTiJ9UPRWXQjWp2lQfP9xMbxUzsuVeIYN_drK1R7pebUdWmZQe5npINqnUXXnKwhAlkDjzzIIYOvP9J3T_l7bT_3uhX3yj5nA
Request Chain 666
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH7T9qRbZ6NbS4WVr7Z_Z6s&google_cver=1&google_push=AXcoOmTEY4U4F-1NL06w3MEJnhHIjyOgOgS_mzEo6tln1cWvLDVxV2_MW_mDk0-4tveNieHlPkeo3jPyp4cWjVXR6REvSD7AhevwMg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTEY4U4F-1NL06w3MEJnhHIjyOgOgS_mzEo6tln1cWvLDVxV2_MW_mDk0-4tveNieHlPkeo3jPyp4cWjVXR6REvSD7AhevwMg&google_gid=CAESEH7T9qRbZ6NbS4WVr7Z_Z6s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc4ODA2MTcyMTY1MDgwNzg3NDI1NA%3D%3D&google_push=AXcoOmTEY4U4F-1NL06w3MEJnhHIjyOgOgS_mzEo6tln1cWvLDVxV2_MW_mDk0-4tveNieHlPkeo3jPyp4cWjVXR6REvSD7AhevwMg
Request Chain 667
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSJrYiPduydKzJR3Yx-eOOrhPZosooMstQxaf9VbYJXXhNyHaaS0wdeH6KpKHpSqY-rMRs2aaQ8GdND7ee_x2fcrfTa-63b2Hg&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVNjkzMWE0N2IzNWNiNDBmZGFiN2YzNjIyMzkzZWM5M2U&google_nid=opera_norway_as&google_push=AXcoOmSJrYiPduydKzJR3Yx-eOOrhPZosooMstQxaf9VbYJXXhNyHaaS0wdeH6KpKHpSqY-rMRs2aaQ8GdND7ee_x2fcrfTa-63b2Hg
Request Chain 668
  • https://trace.mediago.io/cs/google?google_gid=CAESEJkAPqh_G8yp9t2icYv_zqM&google_cver=1&google_push=AXcoOmQpq-ymOT69FzgvNthUlQlxquc_iOg7UJ3SXctDscTE6j_Ior51T3LSI9rsTrnhwbEkTPKMTVGHKFPJAhmDEYK8wjWbJW1kJA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQpq-ymOT69FzgvNthUlQlxquc_iOg7UJ3SXctDscTE6j_Ior51T3LSI9rsTrnhwbEkTPKMTVGHKFPJAhmDEYK8wjWbJW1kJA&google_hm=f34e969978f0b1271k9hgw00lp3uh87v
Request Chain 669
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESELIzrNWLnW2i4cd7YF_1HGo&google_cver=1&google_push=AXcoOmR932SN0OwF4T5LAoiy1Z_cZS0ALfLKrsCTI7_juJO1dh8TQxz4crrh95Uks8-RPgbGcq8UqdgLK9jpQ4xc2xjTpC_SsqhRiSE HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8da16270-01e1-4ae9-a9ef-e6d3929feadd&google_cver=1&google_gid=CAESELIzrNWLnW2i4cd7YF_1HGo&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmR932SN0OwF4T5LAoiy1Z_cZS0ALfLKrsCTI7_juJO1dh8TQxz4crrh95Uks8-RPgbGcq8UqdgLK9jpQ4xc2xjTpC_SsqhRiSE&gdpr=${GDPR}
Request Chain 671
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmSnXQnJ6wQL_Kbmy6rK2JNJkPAFlVOmhl6wjdX-uw42R4FUCrBjDiOeVKA3FngzCnwozzRtSEr4SQMTquzvo4ZGiKgnjV8uCw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSnXQnJ6wQL_Kbmy6rK2JNJkPAFlVOmhl6wjdX-uw42R4FUCrBjDiOeVKA3FngzCnwozzRtSEr4SQMTquzvo4ZGiKgnjV8uCw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmSnXQnJ6wQL_Kbmy6rK2JNJkPAFlVOmhl6wjdX-uw42R4FUCrBjDiOeVKA3FngzCnwozzRtSEr4SQMTquzvo4ZGiKgnjV8uCw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSnXQnJ6wQL_Kbmy6rK2JNJkPAFlVOmhl6wjdX-uw42R4FUCrBjDiOeVKA3FngzCnwozzRtSEr4SQMTquzvo4ZGiKgnjV8uCw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 672
  • https://a.c.appier.net/gcm?google_gid=CAESEF7-SG7CLoSet3-m9XqLLsU&google_cver=1&google_push=AXcoOmQb8M_YaBNoCTbsF2Hp30ZvQJRuaNiYMNBJdVWCmj04rLDm16JUuiha_tLUJT0UuKKIlrSydrIj90djoBJmDS31EZd0MLEN2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VnZjV1ZHVnZCdHExdGZZVVRJTllaUQ%3D%3D&google_push=AXcoOmQb8M_YaBNoCTbsF2Hp30ZvQJRuaNiYMNBJdVWCmj04rLDm16JUuiha_tLUJT0UuKKIlrSydrIj90djoBJmDS31EZd0MLEN2g
Request Chain 673
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENe9MgIJkSOTy9LpELJ1x6o&google_cver=1&google_push=AXcoOmRFd1OZ8FSw--txJ_ZAQYau-ua6rQHrJ7FnmO6P7qx1fwmWUJ4VaJ4PiJ7Yl15fLR58Mqm1mF3rF_lUfDUc4f3rMmwAvV4vPg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ICU9rQacXFJ_CB5fi3yQN1LFoQQ&google_push=AXcoOmRFd1OZ8FSw--txJ_ZAQYau-ua6rQHrJ7FnmO6P7qx1fwmWUJ4VaJ4PiJ7Yl15fLR58Mqm1mF3rF_lUfDUc4f3rMmwAvV4vPg
Request Chain 674
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKOoATOO-vYRYYJsibzkgdI&google_cver=1&google_push=AXcoOmRrfOeSSLCw04Lpa3ZemAYcwokbM69iE0yEtP1atC49WhxJB6cx-a370r9elJ_1CayMVeKIX9DaOxM9H1367xzAuHgG0-UryQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=AXcoOmRrfOeSSLCw04Lpa3ZemAYcwokbM69iE0yEtP1atC49WhxJB6cx-a370r9elJ_1CayMVeKIX9DaOxM9H1367xzAuHgG0-UryQ
Request Chain 675
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEJDbE3YlkLvv7PmQpmwKBXY&google_cver=1&google_push=AXcoOmT2nFm1K2gzfVBkF1FTdzJjZDMnXgnebndwQd4Ph1_SwFSgvnn7wlBHO3vf8wESale8SGBY5vM9qml0RDuCzocUrn2DNbeh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=YmIwM2Y0OTUzYTliNDFiNmJjMWY0ZDVlYThiYzM5Yjk%3D&UIDF=CAESEJDbE3YlkLvv7PmQpmwKBXY&google_cver=1&google_push=AXcoOmT2nFm1K2gzfVBkF1FTdzJjZDMnXgnebndwQd4Ph1_SwFSgvnn7wlBHO3vf8wESale8SGBY5vM9qml0RDuCzocUrn2DNbeh
Request Chain 676
  • https://match.360yield.com/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmR-NimGfM3av6tz01BqBpCDY5roGVBg1KOn_xIO8qI5XmzVnokmeYF4CuFonO6yd96Eus8oaRhHmrX-Oede2cBMZQQDlzlzlw HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmR-NimGfM3av6tz01BqBpCDY5roGVBg1KOn_xIO8qI5XmzVnokmeYF4CuFonO6yd96Eus8oaRhHmrX-Oede2cBMZQQDlzlzlw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmR-NimGfM3av6tz01BqBpCDY5roGVBg1KOn_xIO8qI5XmzVnokmeYF4CuFonO6yd96Eus8oaRhHmrX-Oede2cBMZQQDlzlzlw
Request Chain 677
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPzZoMJLBgpHHonFXJJ1ZPM&google_cver=1&google_push=AXcoOmQPLPI7hYA2TkyWWjPREDK7ZhuTQFkXDZbUnZngWM6B9A9XsUrnfWxJoL8quPDOW7dG4VKbmmT9V4TOI4Y5GqecRh1YYSz31Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YzQwYmJmMGUtNjI1Yi00M2MxLWFmZjItOTUyNjA4Y2QxNjRk&google_push=AXcoOmQPLPI7hYA2TkyWWjPREDK7ZhuTQFkXDZbUnZngWM6B9A9XsUrnfWxJoL8quPDOW7dG4VKbmmT9V4TOI4Y5GqecRh1YYSz31Q HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 689
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPODNS9haK5el5JUHJGyVII&google_cver=1&google_push=AXcoOmTwdQFURJvaW1PRaXcNDSgJQjjtNLdQ2vCniafM1745um_BcLMtYiK8VIMg1YpYkufgOjG9ibCU5kW0egn2q8puQwht9_9X HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPODNS9haK5el5JUHJGyVII&google_cver=1&google_push=AXcoOmTwdQFURJvaW1PRaXcNDSgJQjjtNLdQ2vCniafM1745um_BcLMtYiK8VIMg1YpYkufgOjG9ibCU5kW0egn2q8puQwht9_9X HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VTZjZklsRkYxUjRoQjE1&google_gid=CAESEPODNS9haK5el5JUHJGyVII&google_cver=1&google_push=AXcoOmTwdQFURJvaW1PRaXcNDSgJQjjtNLdQ2vCniafM1745um_BcLMtYiK8VIMg1YpYkufgOjG9ibCU5kW0egn2q8puQwht9_9X
Request Chain 690
  • https://um.simpli.fi/gp_match?google_gid=CAESEMmrQp7-zv3swZlqEfALbaA&google_cver=1&google_push=AXcoOmTJFzYm0w-83Gown9LKDQlvRi8m0DyqOtlOazWEK0VHsBiHS4xXkQSEm-jBGcWu01F40MsMYtNYE5M2wTI40sjFhSFi7TfQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C18D828AD01465CA9B4276E35A499E0&google_push=AXcoOmTJFzYm0w-83Gown9LKDQlvRi8m0DyqOtlOazWEK0VHsBiHS4xXkQSEm-jBGcWu01F40MsMYtNYE5M2wTI40sjFhSFi7TfQ
Request Chain 691
  • https://fksnk.com/cs/google?google_gid=CAESEDBUKbC1Hn3pLRmST-U0KQ8&google_cver=1&google_push=AXcoOmSsLKcsVszKZeWsa4X3XpyaahQ_9kOX93DQmhqVs4r_qdkHNMLBdoJYogau_xzuD5iOrVqONyz8puZdnOttWVhnkVl2mxo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0JGOTk3OEJCQjAwNTA5QQ==
Request Chain 692
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDlRlKn2-Uko9NS-kFcavRY&google_cver=1&google_push=AXcoOmSIfkTvZrA5nzSslxAOA0ZqqfQ2JH2Qf9Aw46mRKHPVUTDnHu5gyzgZlDEZDMcleXnk3BKnKMahOqpk-AeyHrvLM27nIQ1_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSIfkTvZrA5nzSslxAOA0ZqqfQ2JH2Qf9Aw46mRKHPVUTDnHu5gyzgZlDEZDMcleXnk3BKnKMahOqpk-AeyHrvLM27nIQ1_&google_hm=eS1waDZOVlN0RTJwSDliTWFSVTJGZkdiaWpEYUU5cXNpQ35B
Request Chain 693
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAMKoNK_wmof8jyRJXMZr3A&google_cver=1&google_push=AXcoOmRlRqJmlNsO28WN5MNp1SZd1uojwL0yvojM4knkC4D1jjKS6mR2sN4XArenwz7DO9ggbnog7jFd3uaGt0qNFyiJInYrNCQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIxNjgzNjgzMzgzOTkxNTYzNw&google_push=AXcoOmRlRqJmlNsO28WN5MNp1SZd1uojwL0yvojM4knkC4D1jjKS6mR2sN4XArenwz7DO9ggbnog7jFd3uaGt0qNFyiJInYrNCQ
Request Chain 694
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFEQoz_9XDmJPa1EGVeKg-E&google_cver=1&google_push=AXcoOmRZy-IRfC91Qm7ug9N5iJbFMVivBpgov9QO3XOZFFE7H0KNQurWgRNJqjgcOu4vNDftkbyFJLFzrLd1RkdCKqPh9ec4Jshd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZy-IRfC91Qm7ug9N5iJbFMVivBpgov9QO3XOZFFE7H0KNQurWgRNJqjgcOu4vNDftkbyFJLFzrLd1RkdCKqPh9ec4Jshd
Request Chain 695
  • https://an.yandex.ru/mapuid/google/CAESEAwBoCsGQhD4qcMMpnB2LFg?ext-param=AXcoOmRdMEz7bO4ifnXbAjDWpZOmmdS3iwudX6maFs8ADw7xIosEzxVctYSX06DSUDcukp1awrZWFmYjy4eGTPatxr8xo-9B7yL8&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEAwBoCsGQhD4qcMMpnB2LFg?redir-setuniq=1&ext-param=AXcoOmRdMEz7bO4ifnXbAjDWpZOmmdS3iwudX6maFs8ADw7xIosEzxVctYSX06DSUDcukp1awrZWFmYjy4eGTPatxr8xo-9B7yL8&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAwBoCsGQhD4qcMMpnB2LFg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 746
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWI4NzliMTFhOGRmMzJhZjUwMGM3NGIxODdmMDA1MGFkMjIyYTgzNg&gdpr=0
Request Chain 747
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP3UH1V1-21-638U&gdpr=0
Request Chain 748
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEKOoATOO-vYRYYJsibzkgdI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=&gdpr=0
Request Chain 749
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMbXU6sbdZfdGYRDnzzzEnU&google_cver=1
Request Chain 750
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MaK9BcumToyKKm2JLvvrFw&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MaK9BcumToyKKm2JLvvrFw&gdpr=0
Request Chain 751
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/17haR8BQImWxB4fcK1O2Ssn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wrPSjVdE2oJPztRd8ZQ1pzicjskQ4CBswkUwjQ--~A
Request Chain 752
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xa_jhoZLTka1TykPvw3klQ&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xa_jhoZLTka1TykPvw3klQ&gdpr=0
Request Chain 753
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LP3UH1V1-21-638U&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 755
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABcLU7KsQcAABQNiJcdwQ&expires=30&gdpr=0
Request Chain 756
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP3UH1V1-21-638U&redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP3UH1V1-21-638U&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1RdkdsSDh4RTJ1RWt5cWZmQUI3Vk5ZQk54RVBRTnQ0R35B&gdpr=0&ovsid=LP3UH1V1-21-638U&dpid=58160
Request Chain 757
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LP3UH1V1-21-638U&gdpr=0
Request Chain 758
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP3UH1V1-21-638U&gdpr=0
Request Chain 759
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP3UH1V1-21-638U&gdpr=0
Request Chain 760
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
Request Chain 761
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LP3UH1V1-21-638U&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LP3UH1V1-21-638U&gdpr=0&dnr=1
Request Chain 764
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f6b8bdba-2eaf-4914-82cf-9030d4a5ff98&expires=30&gdpr=0
Request Chain 765
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP3UH1V1-21-638U&gdpr=0
Request Chain 766
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP3UH1V1-21-638U&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP3UH1V1-21-638U&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Request Chain 767
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=3f3b5356-533f-4497-a176-93f407a9c77d&gdpr=0
Request Chain 769
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3216836833839915637
Request Chain 770
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ICU9rQacXFJ_CB5fi3yQN1LFoQQ
Request Chain 771
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LP3UH1V1-21-638U&gdpr=0
Request Chain 772
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7815611394653132251&expires=30&gdpr=0
Request Chain 773
  • https://ad.turn.com/r/cs?pid=6&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7427790401613152250&expires=60&gdpr=0&gdpr_consent=
Request Chain 774
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7009964682
Request Chain 776
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr=0 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LP3UH1V1-21-638U&gdpr=0
Request Chain 778
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=649816e3-acbd-454b-bc2b-add3b219c3f3-6558834c-4348&expires=360&gdpr=0&gdpr_consent=
Request Chain 779
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LP3UH1V1-21-638U&obUid=&initiator=&gdpr=0
Request Chain 792
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=20504700034430604438266012512005&pv=1 HTTP 302
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1700299596_920ddac0-85f4-11ee-819e-22341370d01f&insert=AW&gdpr=&gdpr_consent=
Request Chain 806
  • https://a.c.appier.net/gcm?google_gid=CAESEF7-SG7CLoSet3-m9XqLLsU&google_cver=1&google_push=AXcoOmSE4kZgB9gjzTMnFkdAL8yP0vzdSy7-o4PtXy5UcMRahAOr1GcLhcZK_QbH9NDrHxRi_qfYYaWQz4J6Xac3rs6G8NgVOF5a3g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VnZjV1ZHVnZCdHExdGZZVVRJTllaUQ%3D%3D&google_push=AXcoOmSE4kZgB9gjzTMnFkdAL8yP0vzdSy7-o4PtXy5UcMRahAOr1GcLhcZK_QbH9NDrHxRi_qfYYaWQz4J6Xac3rs6G8NgVOF5a3g
Request Chain 807
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESELya3wUKRDOHpwj5TgaQwr8&google_cver=1&google_push=AXcoOmRQe1ubLh3sVfihN80QtyqektBeYENJVE2fbIv5Gb_bgUZ5rqks9vSOQo-kSOEeAiWqfBoWZIwFBGFCMZI2xOcSP3R3cVvv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853692979260&us_privacy=1---
Request Chain 808
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENBEHDh0raE0Y77ecHs4djE&google_cver=1&google_push=AXcoOmSWSnze4yt5Q5rHE6wQr5WDnUywabJPsoJ41pwscWE9IHevTw0HIUVadYn-cGY8bR4iLmlrphD0jjCqcetokSI6eROTuu3s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWSnze4yt5Q5rHE6wQr5WDnUywabJPsoJ41pwscWE9IHevTw0HIUVadYn-cGY8bR4iLmlrphD0jjCqcetokSI6eROTuu3s
Request Chain 809
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMmFmAcRjOzs6nRuw_7GY58&google_cver=1&google_push=AXcoOmRMWN1nIwP-O8kSGWPsepnC0akcyYWl-pR0og07MXI8UA4uv2e73h0QCV2U2Yo7p01IuJIIenRdJ-CcyjzTGk7uVXRdeJZl1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRMWN1nIwP-O8kSGWPsepnC0akcyYWl-pR0og07MXI8UA4uv2e73h0QCV2U2Yo7p01IuJIIenRdJ-CcyjzTGk7uVXRdeJZl1A&google_hm=lPpImljajrWp3gsfov-k0g==
Request Chain 810
  • https://match.360yield.com/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmT4MojQ3KqlWH_j13AQjXG2D_mq-64zG9UehrZoTJ_wToeUQF7-f31njGTDpUyXLsCPd0IV7gejcTb2yGnWHMbAgjbCthtacQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmT4MojQ3KqlWH_j13AQjXG2D_mq-64zG9UehrZoTJ_wToeUQF7-f31njGTDpUyXLsCPd0IV7gejcTb2yGnWHMbAgjbCthtacQ
Request Chain 811
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE67qcXUR9HJ9sW3giUFotk&google_cver=1&google_push=AXcoOmTM3lyIS6-7is8TnHHpPS0VyB_wiYDaUPvVc4UFtp35JDerPcfDcz4kLwf1FRlAwfxbZFvt66B7d9JCn2eS6VwwgLCNA7ZhLg HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTM3lyIS6-7is8TnHHpPS0VyB_wiYDaUPvVc4UFtp35JDerPcfDcz4kLwf1FRlAwfxbZFvt66B7d9JCn2eS6VwwgLCNA7ZhLg%26google_hm%3DA5BtFb4Zck6dvX0YrhykW7E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTM3lyIS6-7is8TnHHpPS0VyB_wiYDaUPvVc4UFtp35JDerPcfDcz4kLwf1FRlAwfxbZFvt66B7d9JCn2eS6VwwgLCNA7ZhLg&google_hm=A5BtFb4Zck6dvX0YrhykW7E
Request Chain 812
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEL5bxwZR1MM8z6wMVarYh3A&google_cver=1&google_push=AXcoOmQYTOlQ-jbvB0maSQmkmZcqQV97SiFBp73mY2sHANA_NSUnSDEkIx3nc7MmPg3Uu2Hnbom08A3TtxwkiP4ulBTr3smucJAH_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzgxNTYxMTM5NDY1MzEzMjI1MQ%3D%3D&google_gid=CAESEL5bxwZR1MM8z6wMVarYh3A&google_cver=1&google_push=AXcoOmQYTOlQ-jbvB0maSQmkmZcqQV97SiFBp73mY2sHANA_NSUnSDEkIx3nc7MmPg3Uu2Hnbom08A3TtxwkiP4ulBTr3smucJAH_g
Request Chain 823
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LP3UH1V1-21-638U&name=RUBICON&gdpr=0
Request Chain 824
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr=0 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LP3UH1V1-21-638U&gdpr=0
Request Chain 825
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LP3UH1V1-21-638U?gdpr=0 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003&expires=30
Request Chain 826
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LP3UH1V1-21-638U&gdpr=0
Request Chain 827
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=0 HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
Request Chain 828
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LP3UH1V1-21-638U&gdpr=0
Request Chain 829
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&_test=ZViDTAAAhugB2ABU HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZViDTAAAhugB2ABU&gdpr=0&_test=ZViDTAAAhugB2ABU
Request Chain 831
  • https://um.simpli.fi/rb_match?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8C18D828AD01465CA9B4276E35A499E0&expires=365
Request Chain 832
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=0 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=dSSKWIkYCeudzV--4R-hWoXsnMZhMiGdLdsvN9R-tmQ&gdpr=0 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=79f2dbbd7f0a18d4&is_secure=true&networkId=12783&version=1&nuid=dSSKWIkYCeudzV--4R-hWoXsnMZhMiGdLdsvN9R-tmQ&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAI0iF8EVhIZAMs4tP5AAAAAAA&expiration=1700385996&nuid=dSSKWIkYCeudzV--4R-hWoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true&gdpr=0
Request Chain 834
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=0 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
Request Chain 835
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=FJM5RlkxxPgD&ev=1&pid=560687&gdpr=0
Request Chain 836
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo&gdpr=0 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LP3UH1V1-21-638U&gdpr=0
Request Chain 837
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LP3UH1V1-21-638U&gdpr=0
Request Chain 838
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184&gdpr=0 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LP3UH1V1-21-638U&gdpr=0
Request Chain 844
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 846
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=20504700034430604438266012512005&pv=0 HTTP 302
  • https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Request Chain 850
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 862
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF6Z2M7TRDm4C9xnsYiV5es&google_cver=1&google_push=AXcoOmQdvVjcz7zYDZzBUJeA9A3VorwYMz4HRyXc2SumzVKdQrK2Z5snCBQmuwOHQxiNmONsWn0ykVPPSfW475ymt2cbENuKcK2meQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlZpRFRBQUFodWdCMkFCVQ==&google_gid=CAESEF6Z2M7TRDm4C9xnsYiV5es&google_cver=1&google_push=AXcoOmQdvVjcz7zYDZzBUJeA9A3VorwYMz4HRyXc2SumzVKdQrK2Z5snCBQmuwOHQxiNmONsWn0ykVPPSfW475ymt2cbENuKcK2meQ
Request Chain 863
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENEry3vG7MJ-T22lr76Irqw&google_cver=1&google_push=AXcoOmSG1smXame-TrGetYTI0XhlNdL_ByrMzbWSsIp0u3sZhgpNBxY4lGwuFF0AqjynUNb0D5ptDwSC0RHUYmOd2iH6CrrOH7J8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg0MA%3D%3D&google_push=AXcoOmSG1smXame-TrGetYTI0XhlNdL_ByrMzbWSsIp0u3sZhgpNBxY4lGwuFF0AqjynUNb0D5ptDwSC0RHUYmOd2iH6CrrOH7J8
Request Chain 864
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENBEHDh0raE0Y77ecHs4djE&google_cver=1&google_push=AXcoOmSmy7kWEAze7W-bwDJpT_Qh8TOZ3QXCK2Kn-dLqS3k5KGqkjBq1gRHn0AvxQjg8EB0U1h5Aq5VAJBNscdd3joqHmebd-DqMRg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSmy7kWEAze7W-bwDJpT_Qh8TOZ3QXCK2Kn-dLqS3k5KGqkjBq1gRHn0AvxQjg8EB0U1h5Aq5VAJBNscdd3joqHmebd-DqMRg
Request Chain 865
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENScDt1iPmW729WNVXdJCII&google_cver=1&google_push=AXcoOmS_5UgBQZg5_yg9uwoYIGh9orbOtET9_VKXT9iUse1J8_U2aljvhx07boja_DNGSKbAH_Bg-iubDgtroHnc7V2UPMkNL_i2kA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS_5UgBQZg5_yg9uwoYIGh9orbOtET9_VKXT9iUse1J8_U2aljvhx07boja_DNGSKbAH_Bg-iubDgtroHnc7V2UPMkNL_i2kA&google_hm=HrRWqQZHIY778zB1T1OVMcYz
Request Chain 866
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE67qcXUR9HJ9sW3giUFotk&google_cver=1&google_push=AXcoOmRPJKt337--I_ifd5B6Y-hMZ0npQnOmklEvbohh66RZeVt_PhG-dzCDzx4kCW_dp0kEB8vMtktHsx94rOqP2ebLisB6GxbkOg HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRPJKt337--I_ifd5B6Y-hMZ0npQnOmklEvbohh66RZeVt_PhG-dzCDzx4kCW_dp0kEB8vMtktHsx94rOqP2ebLisB6GxbkOg%26google_hm%3DA5BtFb4Zck6dvX0YrhykW7E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRPJKt337--I_ifd5B6Y-hMZ0npQnOmklEvbohh66RZeVt_PhG-dzCDzx4kCW_dp0kEB8vMtktHsx94rOqP2ebLisB6GxbkOg&google_hm=A5BtFb4Zck6dvX0YrhykW7E
Request Chain 867
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRpJ-WfvtyHyOlvvIWVMmkT4-1Hs2pxW_U7Wf8iPHbPkUE6AYJWjIB-M0-MUE2pq5GKnhWNeFFLFQWrY_hRXJiYLZUFUQAg-Q&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVNjkzMWE0N2IzNWNiNDBmZGFiN2YzNjIyMzkzZWM5M2U&google_nid=opera_norway_as&google_push=AXcoOmRpJ-WfvtyHyOlvvIWVMmkT4-1Hs2pxW_U7Wf8iPHbPkUE6AYJWjIB-M0-MUE2pq5GKnhWNeFFLFQWrY_hRXJiYLZUFUQAg-Q
Request Chain 868
  • https://trace.mediago.io/cs/google?google_gid=CAESEJkAPqh_G8yp9t2icYv_zqM&google_cver=1&google_push=AXcoOmQRmBCtpwvhmucyK-ZvxH7ZllwltGTC8AO6etr9dd-yU5xBULwmbV_CMDRnLT1s4FM5raleYC02HbDGLd-WwoNdlrR-Hi8jZHs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQRmBCtpwvhmucyK-ZvxH7ZllwltGTC8AO6etr9dd-yU5xBULwmbV_CMDRnLT1s4FM5raleYC02HbDGLd-WwoNdlrR-Hi8jZHs&google_hm=f34e969978f0b1271k9hgw00lp3uh87v
Request Chain 921
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=49ED4D72F2DA4A3AB9BAFA22E8ED8B4A&RedC=c.clarity.ms&MXFR=173A68C7873C670F3D7D7B0A833C6913 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=49ED4D72F2DA4A3AB9BAFA22E8ED8B4A&MUID=36669896F0C06FFE1AB98B5BF1CB6E21

1054 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
folkd.com/
Redirect Chain
  • https://www.folkd.com/submit/msglomi.com/bbs/board.php?bo_table=shoparea&state1=%EC%84%9C%EC%9A%B8&state2=%EC%84%B1%EB%B6%81/
  • https://folkd.com/submit/msglomi.com/bbs/board.php?bo_table=shoparea&state1=%EC%84%9C%EC%9A%B8&state2=%EC%84%B1%EB%B6%81/
  • https://folkd.com/
17 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
dbcf47c2d346359a718d2cf488a4dca30c53ec9f96002e6e1ecd734e0d3d4cfc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
827f2be8c8fc18e0-FRA
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Sat, 18 Nov 2023 09:26:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1nnENvGpm6vf7u6h3%2BOhmFk%2BrbZN3mTMNxpIlnRFb%2By%2FfbIJmJ6ZS5Dze4TsUpg2BRO7EToFr1cVJ3%2ByjU3cQZaedna1A%2BfiKceaCJ9GZSW5xk4CwptKK78hRyMs3%2FZuvEdWYtd1%2B1xM%2FCa%2FtVFlQnPOQN40%2FEid0StERHcO%2B9PXZhpWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
Vercel
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.141 unit-seconds used
x-bubble-perf
{"total":130.1,"percents":{"top":{"bubble_cpu":46.9,"block":51.6,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":53.8,"appserver_cache_misses_time":0,"redis":61.5,"fiber_queue":4.9,"capacity_wait":6.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":5,"derived_cache_memory_misses":5,"serverjson":121,"appserver_cache_attempts":3,"appserver_mem_cache_hits":0,"appserver_cache_hits":3,"appserver_cache_misses":0,"redis":70,"fiber_queue":59,"blocks":58},"misc":{"userdb_results":1,"userdb_data":629,"spent_time":9139475}}
x-coalias-cache
MISS
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-vercel-id
fra1::45hwd-1700299582828-5ce6358c9703

Redirect headers

cache-control
no-store
cf-ray
827f2be81a976973-FRA
content-length
0
content-type
text/plain;charset=UTF-8
date
Sat, 18 Nov 2023 09:26:22 GMT
location
/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLJPBaaXKLgH6Fj9QAGUCUiUhqBLnowLvBmChnk%2BsYXROZ44G56ZC4R93U5g%2FCSFf8rVBlDIxJG7jw5jdYHolRsElcM0uhRvmt1e6mEkPUPcqWDND%2Fptl%2BhqYUmfe9AWZ3yHRLxoHUeLsib1I4SJdN2VsgvIwnjbn2YtU7eHGvW9ZtmYTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
Vercel
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-vercel-id
fra1::45hwd-1700299582709-a85365e9bfdc
coalias_meta.js
folkd.com/ 		2 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd.com/coalias_meta.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1:fra1:fra1::rpmbt-1700299583381-dc949d4906d7
age
132194
etag
W/"162388d1b605b8c339e98419fcdfbb9d"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="coalias_meta.v1.min.js"
coalias_page_logic.js
folkd.com/ 		1 KB
709 B 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd.com/coalias_page_logic.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1:fra1:fra1::bvp7t-1700299583277-41cdafffe905
age
333921
etag
W/"c01471c249877474d63c6beba5d7cb51"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="coalias_page_logic.v1.min.js"
coalias_static_rewrite.js
folkd.com/ 		616 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd.com/coalias_static_rewrite.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1:fra1:fra1::hzx5m-1700299583277-577cecc83403
age
861219
etag
"142bd05e9b948e2640c9647c7734ee4b"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="coalias_static_rewrite.v1.min.js"
accept-ranges
bytes
content-length
616
early.js
folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":12.6,"percents":{"top":{"bubble_cpu":35.6,"block":48,"capacity_rl":0,"other_pause":0,"pre_fiber":4.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":14,"fiber_queue":3.4,"capacity_wait":32.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":675629}}
server
cloudflare
age
897034
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.01 unit-seconds used
timing-allow-origin
*
cf-ray
827f2bee5d31021d-ZRH
x-bubble-capacity-limit
0 ms slower
run.css
folkd0612.bubbleapps.io/package/run_css/067cb34e674f83e7bff7f185f4cc96c6534b4704261009fb511a6267dfa55da7/folkd0612/live/index/xfalse/xfalse/ 		628 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/run_css/067cb34e674f83e7bff7f185f4cc96c6534b4704261009fb511a6267dfa55da7/folkd0612/live/index/xfalse/xfalse/run.css
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7fe686d98f9082ebd917492c9b1faf52494e8a56c575dcc402430155e63508b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":27.8,"percents":{"top":{"bubble_cpu":31.9,"block":65.6,"capacity_rl":0,"other_pause":0,"pre_fiber":1.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":27.6,"appserver_cache_misses_time":0,"redis":45,"fiber_queue":2,"capacity_wait":27.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":13,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1332165}}
age
37294
cf-polished
origSize=799884
x-powered-by
Express
x-bubble-capacity-used
0.02 unit-seconds used
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
827f2bee5c1d01fc-ZRH
x-bubble-capacity-limit
0 ms slower
pre_run_jquery.js
folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":7,"percents":{"top":{"bubble_cpu":23.7,"block":64.9,"capacity_rl":0,"other_pause":0,"pre_fiber":5.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":64.6,"fiber_queue":2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":3,"fiber_queue":4,"blocks":3},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":248641}}
server
cloudflare
age
897034
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.004 unit-seconds used
timing-allow-origin
*
cf-ray
827f2bee5d34021d-ZRH
x-bubble-capacity-limit
0 ms slower
run.js
folkd0612.bubbleapps.io/package/run_js/8f0ef234f61a723a60dae0e59b553571eac7cb3e454e5b2cba91d86b54fc571f/xtrue/x21/ 		4 MB
812 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/run_js/8f0ef234f61a723a60dae0e59b553571eac7cb3e454e5b2cba91d86b54fc571f/xtrue/x21/run.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b789af77407dfb04fde7284c83ec497e103143c17e861ff09d810463d30d7dda

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":308.5,"percents":{"top":{"bubble_cpu":1.2,"block":95.6,"capacity_rl":0,"other_pause":0,"pre_fiber":2.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":8.8,"fiber_queue":2.5,"capacity_wait":0.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":571784}}
server
cloudflare
age
37294
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.009 unit-seconds used
timing-allow-origin
*
cf-ray
827f2bee5d37021d-ZRH
x-bubble-capacity-limit
0 ms slower
static.js
folkd0612.bubbleapps.io/package/static_js/831d67840db7ca343df9de82b96b0536086a5380a70b25bbbc5d7741df18d8d9/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/ 		1 MB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/static_js/831d67840db7ca343df9de82b96b0536086a5380a70b25bbbc5d7741df18d8d9/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/static.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9ebdca8d12ecd966a87e3ea10f97022f0fdb6d6301343bd966cad1800f9d8d3f

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":52.1,"percents":{"top":{"bubble_cpu":56.6,"block":41.8,"capacity_rl":0,"other_pause":0,"pre_fiber":0.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":79.9,"appserver_cache_misses_time":0,"redis":69.6,"fiber_queue":10.5,"capacity_wait":4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":57,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":31,"fiber_queue":20,"blocks":19},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":4423563}}
server
cloudflare
age
37294
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.068 unit-seconds used
timing-allow-origin
*
cf-ray
827f2bee5d33021d-ZRH
x-bubble-capacity-limit
0 ms slower
dynamic.js
folkd0612.bubbleapps.io/package/dynamic_js/5103147c848345de85a4b4051ec0c14c91cae4bba6e765f2f70d79829c3c98f8/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/ 		2 MB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/package/dynamic_js/5103147c848345de85a4b4051ec0c14c91cae4bba6e765f2f70d79829c3c98f8/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
07a10e3912e7a681e810c7cc0cfb13868b18acd4feb6ba57c90598a22fdc9d11

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":163.3,"percents":{"top":{"bubble_cpu":8.8,"block":90.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":3.2,"appserver_cache_misses_time":0,"redis":3.6,"fiber_queue":0.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2159225}}
server
cloudflare
age
125985
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.033 unit-seconds used
timing-allow-origin
*
cf-ray
827f2bee5d35021d-ZRH
x-bubble-capacity-limit
0 ms slower
iziToast.min.css
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/iziToast.min.css
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1417888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9391
last-modified
Mon, 04 May 2020 16:11:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ebd-a221"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Rut649%2BuIm6%2F5ZRvvYYW4qwBbj19BFjwVJ%2Bv%2BFjQrBiaoQwAHMr3T29RdRpwmmWJPzNhQJiw%2FGQKnM2SSXj9L9a0xOWY03jwrJjLakxZGiIUSIX8oPp6xEvfoJGGXTuwy0bWRBL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
827f2befaf250221-ZRH
expires
Thu, 07 Nov 2024 09:26:23 GMT
iziToast.min.js
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/iziToast.min.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1405478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4440
last-modified
Mon, 04 May 2020 16:11:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ebd-4836"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB7eLcW7vzIv7mTc7zNOOLcuNzw4D3uQBX%2BjTsa6c5oAroFsjhIkPKyZJFiGSDhgO%2F72PUj7PKgSoCzbRyt2MdzWKw8s6FrPDZTONRxHzvZAWUDpkbLYzz0l5nCAO686eButKJvj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
827f2befaf260221-ZRH
expires
Thu, 07 Nov 2024 09:26:23 GMT
openbuild.css
cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/openbuild.css
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37295
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230124-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"610-Hhq7J7BAZ2hStZBftPx+L7C331g"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRShbX0TLCSx%2F0t%2FacUMOL%2F2ntyrCrRhJ3jv79KCweBWWoBQgxH8vwuD1tT%2FfhQ74wbvmIvLQ0guBx3SosJuyqgQXwVTDgzBB2Olicg95mzaLmdJmQTTeS0tA1hC53dZLqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
827f2befaf672397-ZRH
xano.min.js
cdn.jsdelivr.net/npm/@xano/js-sdk/dist/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29562
x-jsd-version
1.0.21
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220060-FRA, cache-mxp6944-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"816c-y4fQWjEhnwuADXqNUiHMJJo4LgE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqMkDHbrkKgR%2FgiRlAH1YOoLOyebK%2BPaCisfJlwqjLybE8SK0Q5aVESvG%2BMIlC%2Bgdv6p8ddUKCL9zTUVr9EFWwzEJuo5lnYoRl1ij%2BHsU7SLlgkd0PCIUqWa6g5tQmAqv%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
827f2befaf6b2397-ZRH
65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
monu.delivery/site/5/d/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-185-3-92-76.tc.nodebalancer.linode.com
Software
nginx /
Resource Hash
cfe833003517ee3a70850150b7b3f9d7d21c4b5720c1f5e646690a7c964da4b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:24 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPpiUkV-RDYSi4O1vKqeYUxoJ86TyqNzrLb3MpRP2vo1sbgWjmBUKfjktQyn322PCIRt9jo
transfer-encoding
chunked
x-cache
EXPIRED
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1700286819333799
content-type
application/javascript
x-goog-hash
crc32c=vV9Pnw==, md5=yrgHGUmlEuqouzQ6cfEpxw==
cache-control
max-age=7200
x-goog-stored-content-length
56532
expires
Sat, 18 Nov 2023 11:26:24 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b14aaa0cc98596c6b62f6e1be95c8b41f722d66a9a8eb4e2e10cf0eecb862766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81127
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Nov 2023 09:26:24 GMT
/
js.stripe.com/v3/ 		556 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 Nov 2023 09:26:23 GMT
via
1.1 varnish
age
61
x-cache
HIT
content-length
157344
x-request-id
3ff3ad67-2676-4226-a2b8-6e2790588038
x-served-by
cache-vie6333-VIE
last-modified
Fri, 17 Nov 2023 21:38:13 GMT
server
Fastly
etag
"b2cc65458b2c4ec73e91a4fb930e6217"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
css
fonts.googleapis.com/ 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
391745d698a9b473b2246c5c425b2c0eefd8afeddb702284646be40f6f70d57c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 Nov 2023 09:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 09:26:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Nov 2023 09:26:24 GMT
data
folkd.com/api/1.1/init/ 		706 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://folkd.com/api/1.1/init/data?location=https%3A%2F%2Ffolkd.com%2F
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
e2b8ac88e9e144030a94b93e3e215ad4fd6031efa6ac8504375f3021b3ba3b90
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://folkd.com/
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwMjk5NTgzfQ.5YJFcOdi4ajlFBqM_APR1BqM4pt1FL3JmqJsfDSf0JM
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:24 GMT
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
Vercel
x-coalias-cache
MISS
x-bubble-perf
{"total":19.2,"percents":{"top":{"bubble_cpu":34.1,"block":60.2,"capacity_rl":0,"other_pause":0,"pre_fiber":2.4},"sub":{"pp_userdb":10.4,"pp_wait_userdb":0,"http_request":0,"serverjson":13.8,"appserver_cache_misses_time":0,"redis":50.8,"fiber_queue":2.6,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":8,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":13,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":5980522}}
x-vercel-id
fra1::bfk2w-1700299583955-9fefd6f1ad37
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Bf9XxpvY74rHHJEjNfhV2%2BVm%2F%2FF7AHEu9jtp%2B5MOilhJV5DhhNG90OBJd7PzLlXeM3fbPhVOMIXMVxTQevUnI05tgfmBkjVA1dHyPxzoB9UpxZ9%2B1U1r7CJE255wEre72N9uptddZw84KGc6IyhGOgkOHbSPkH18oD3QVrSMmjMGo3YAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0, must-revalidate
x-bubble-capacity-used
0.092 unit-seconds used
cf-ray
827f2beff9cd2280-CDG
x-bubble-capacity-limit
0 ms slower
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/dynamic_js/5103147c848345de85a4b4051ec0c14c91cae4bba6e765f2f70d79829c3c98f8/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
13a98b9416e587b6aac281b68031fbc9fdfcc4e6870925efcf7416251f0ea912
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 09:26:24 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/moment.min.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
805620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15241
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-c9b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BQAOYcNZcabFNRVAT3YGDj6up8yZlm4ZTFj8u%2FISm2J7R23ay1y6Fecu3yOEEEAMvSTaijMS8W%2BZyxMNvO073cZMfUPm0bxUVJeGRVSm%2FAxHRO729%2B2RgCccbFOcAoU3mTaqEZM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
827f2bf2dc1b0221-ZRH
expires
Thu, 07 Nov 2024 09:26:24 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:43:58 GMT
x-content-type-options
nosniff
age
106946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23880
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 03:43:58 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:28:22 GMT
x-content-type-options
nosniff
age
61082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 16:28:22 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:16:36 GMT
x-content-type-options
nosniff
age
302988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 21:16:36 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v34/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v34/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
55ed173209f7ec86b28240d8c2ecebe894742cffefed38a4de734d35bbf8d9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:18:41 GMT
x-content-type-options
nosniff
age
4063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14276
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 19:35:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 08:18:41 GMT
ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:17:06 GMT
x-content-type-options
nosniff
age
122958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26244
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:34:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:17:06 GMT
L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v15/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 15:56:56 GMT
x-content-type-options
nosniff
age
62968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27824
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:09:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 15:56:56 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-185-3-92-76.tc.nodebalancer.linode.com
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:24 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPq9xahRJJLAjxAWVgvg5ZJNoyJbmfQMqxHNPGyzs9NMrnt7Tkfud6mNCH82S_GVW7-5NOWzwc4YnQ
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Tue, 12 Nov 2024 09:26:24 GMT
hysaayfb9e
www.clarity.ms/tag/ 		650 B
1015 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/hysaayfb9e
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45e41aa5f55540e62316758edc0560f43737cc69804263b30c8a2f557cc3aaed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
-1
date
Sat, 18 Nov 2023 09:26:24 GMT
x-azure-ref
20231118T092624Z-eevwcnhnfx3qhazmanbvwfz64g0000000b1g00000001ad4m
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
monu.delivery/sitesplit/d3/smartzones/other/YAF-145-selectmedia/5/d/ 		574 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/sitesplit/d3/smartzones/other/YAF-145-selectmedia/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-185-3-92-76.tc.nodebalancer.linode.com
Software
nginx /
Resource Hash
d31f6098b638965bc04f8c34cebfb88d8accd958e74ced030a3ecb68e0c5b82b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
content-encoding
gzip
age
1
x-guploader-uploadid
ABPtcPr2jPeIqHUDs-HKho7tKNMWRCcxm-X6pbsarBF1ttykbLaEbN7o7-lCgMyOSRSFoWE6FAQ
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1700286822178521
content-type
application/javascript
x-goog-hash
crc32c=wvMDKw==, md5=c/CSiltEf+gozychoBeVfA==
cache-control
max-age=7200
x-goog-stored-content-length
586881
expires
Sat, 18 Nov 2023 11:26:25 GMT
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame FF08 		200 B
839 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
6091352
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 09:26:24 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
410281
x-content-type-options
nosniff
x-request-id
cb17b776-8658-4475-bacc-dc06f582a52f
x-served-by
cache-vie6333-VIE
me
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 09:26:25 GMT
expires
Wed, 20 Nov 2013 09:26:25 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
suggestedTagsNew
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 09:26:25 GMT
expires
Wed, 20 Nov 2013 09:26:25 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
fontawesome-webfont.woff2
folkd0612.bubbleapps.io/static/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://folkd0612.bubbleapps.io/static/fonts/fontawesome-webfont.woff2
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/067cb34e674f83e7bff7f185f4cc96c6534b4704261009fb511a6267dfa55da7/folkd0612/live/index/xfalse/xfalse/run.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://folkd0612.bubbleapps.io/package/run_css/067cb34e674f83e7bff7f185f4cc96c6534b4704261009fb511a6267dfa55da7/folkd0612/live/index/xfalse/xfalse/run.css
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:24 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-bubble-perf
{"total":8.4,"percents":{"top":{"bubble_cpu":22,"block":71.2,"capacity_rl":0,"other_pause":0,"pre_fiber":4.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":52.2,"fiber_queue":4.8,"capacity_wait":13.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":277299}}
age
1415169
x-powered-by
Express
x-bubble-capacity-used
0.004 unit-seconds used
content-length
77160
server
cloudflare
etag
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
827f2bf4cf81021d-ZRH
x-bubble-capacity-limit
0 ms slower
logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
x-amz-version-id
NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding
br
cf-cache-status
HIT
content-security-policy
script-src 'none'
x-amz-request-id
1HG26VK2E955E9SR
age
81826
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
fcAFiGc7xkEsxlb+DWpEIwvrzaMlQjjzOwaS51ktCUwXW9FShClJGiAKCjCzSCGH38gL+TuzSYI=
x-amz-meta-appname
folkd0612
last-modified
Mon, 20 Feb 2023 12:50:07 GMT
server
cloudflare
etag
W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
827f2bf6ea67f0cf-CDG
me
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ 		162 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Wed, 20 Nov 2013 09:26:25 GMT
suggestedTagsNew
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
223ec4eac02d22c26be2659a29c69fac16b134c2a66196987cff4432b247646a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-query-cache
1
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Wed, 20 Nov 2013 09:26:25 GMT
hi
folkd.com/user/ 		57 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://folkd.com/user/hi
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
e576a60d6fd181f2b0ab7a07c0fc8d2f31ee43fad9cc4678ee3ea5117e719bb6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1700299584454x889605619438214300
X-Bubble-Fiber-ID
1700299585050x958254816353126400
X-Bubble-PL
1700299583072x669
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwMjk5NTgzfQ.5YJFcOdi4ajlFBqM_APR1BqM4pt1FL3JmqJsfDSf0JM
X-Bubble-Breaking-Revision
5

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":9.4,"percents":{"top":{"bubble_cpu":22,"block":66.9,"capacity_rl":0,"other_pause":0,"pre_fiber":5.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":3.5,"appserver_cache_misses_time":0,"redis":65.7,"fiber_queue":2.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":309630}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.005 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::4d9j2-1700299585068-801677ba0fc0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PJ0QPAA%2FI5UnS8AED3m%2Bf4rZew50NLy4wmH2Dv95d7%2BQqO8EdWM6on4nYeoNLPfZ%2BXR4fV%2F0Dh8oFem5NelOw9bJ2cx1CeVD6XsSmOEBdkWf%2BxGsEPsmS4FemUqOfMjsKkbxPC0b03ivp43RM7192FXJ1e6l%2FQdymAH67NqXaVXnqnWNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
9
cache-control
no-cache
cf-ray
827f2bf6cf55bbfe-FRA
x-bubble-capacity-limit
0 ms slower
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638388
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4dZBtnzurJyX8cVOhcMGC8oi8S7H1TnnMUMqb0%2BwMO%2BQVA%2ByR3YxfRp0ONj7MYAfKEvNAedqyVV0%2F%2By0iTiBBBQBWRdlnYRGvHG7MV2BBNpQCRumqIClFhn9aTlFqOeFxE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2bf90ee224c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638388
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWwWDYsB%2BcANF7IKpP4cKLlzfoCOHLny7bn42ns2UPr%2BViZXAjkncD0hgdsRezXUrhFjCyH2hoWUesrxfI%2FIhIYgK2Sdl0aHw4drb2IMPhlRwhng7OT8nvXcRt7ocGb%2F0kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2bf90eef24c0-ZRH
link.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
945 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
889966
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxzp85joM1PBOdcoWgTUnNDIDTrWIvKo5ZVlpejjs9%2FV2xFo6vbbw66KCyz1Nv34USGv1znBGu%2FKFu2mlv2SqnIMvr4tMI6r1TTl4GC8yG8z7SRR3Cxt39B4KymdgyfBxxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2bf90eea24c0-ZRH
arrow-right.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		238 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230112-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qwB5jD%2BvwvrCTWJcVncOmE93zipNpXqkUwUAceIhXo3PfvrHqt11c5qgV7wvwW2AwJn0Zo23bLPzJj6BmBj8pXLvq6Nky1boA6%2Fqv6ftZ8qYNR5f2%2BlIpeCl2ogGZyRJ0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2bf90ee724c0-ZRH
link.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
889966
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yW3%2BEXD43VNx0kxdT%2BYjzeKjJsLQX8CE7VMm4Ng%2FITvLf6duBBRbjwgXeRWgNG1uIq5gsHJal1rfxYh1QlkI7IIDgz06IT01xWJ7mPvunR7bNGN1VEDlXiRHaAHZRafpQy8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2bf90ef524c0-ZRH
arrow-right.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		238 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230112-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aq1YDzqLVK4wNfe%2FLy1JWO6xEYLvGUTo%2FeWwr%2F3%2BhP9w2a4mU7t28npQn2wEw1oqmGrEsw4JFDPcHJABwf%2FyAGxHbhu%2F33zC%2FHZNL0bAPtfVKAvg8%2B4UxR1EIE5lnvP7644%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2bf90eec24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638388
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPKZQhksRcHL4jnwQTjhfVZL%2Bdof9ShkZ1yBJIdaDRMmooDbA7K%2BDqYdpYWh9r4HXYj8UFSQZj4uY6M%2F1uyaNkvHj%2FJUy1df%2BMKv8eHJbIP9msIL5sHJBDzO6v7sPLilQiA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2bf90ef424c0-ZRH
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame FF08 		631 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 Nov 2023 09:26:25 GMT
via
1.1 varnish
age
6091350
x-cache
HIT
content-length
399
x-request-id
c4971a86-a8f8-41df-9909-393a8d559879
x-served-by
cache-vie6333-VIE
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Fastly
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
388224
csp-report
q.stripe.com/ Frame FF08 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700299585759439
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700299585759002
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame FF08 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700299585759376
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700299585759044
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 		2 KB
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
x-amz-version-id
NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding
br
cf-cache-status
HIT
content-security-policy
script-src 'none'
x-amz-request-id
1HG26VK2E955E9SR
age
81826
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
fcAFiGc7xkEsxlb+DWpEIwvrzaMlQjjzOwaS51ktCUwXW9FShClJGiAKCjCzSCGH38gL+TuzSYI=
x-amz-meta-appname
folkd0612
last-modified
Mon, 20 Feb 2023 12:50:07 GMT
server
cloudflare
etag
W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
827f2bf7cb16f0cf-CDG
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 07:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192023
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 07:57:17 GMT
clarity.js
www.clarity.ms/s/0.7.18/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.18/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hysaayfb9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 13:41:44 GMT
etag
W/"0x8DBE772F014B026"
vary
Accept-Encoding
x-azure-ref
20231118T092625Z-eevwcnhnfx3qhazmanbvwfz64g0000000b1g00000001ad6s
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
85b76903-f01e-0020-0768-19557c000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1700299585268
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 09:26:25 GMT
expires
Wed, 20 Nov 2013 09:26:25 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 		33 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1700299585268
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
eac1c452640075d4117728d46684df2cf9e92d0558be5d81bc5b3edb014cf7df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-query-cache
1
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Wed, 20 Nov 2013 09:26:25 GMT
config.js
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		423 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7005ea1af5dc9e891dbefa07e9f26a2f4ea1eafc2f7bf5e18808abbba73a681f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 08:37:24 GMT
server
cloudflare
x-amz-request-id
6DD2HMBAM5SA2421
age
383
etag
W/"5adef6d8042ad622858f30fe7e276829"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
827f2bfac9ab233d-ZRH
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tCbwfjLPqS19l0WrTx1bEyZiP3QKA57pm2N/EygYAVNewSzEQn8rZtLYyntZUh6Vz0lbVWwKyiBqYSIRGhdUUw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
61d2c60a6a7a8e49cd24b5dd5d1bf0af369dea6e2056f3a9957ee604982b46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31634
x-xss-protection
0
server
cafe
etag
226 / 19679 / 31079657 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:25 GMT
inner.html
m.stripe.network/ Frame A0AE 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-30.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
275
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 09:21:50 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
x-amz-cf-id
yMVqD8e_IuoK0gu6ejpcf3BdozFMybg0zeTEuJjZVN7tjaJJli9fsA==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3b81v9135293448&_p=1700299584420&gcd=11l1l1l1l1&dma=0&cid=1211143656.1700299585&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700299585&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1330
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 82B1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
nb-185-3-92-76.tc.nodebalancer.linode.com
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
age
784
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Sat, 18 Nov 2023 09:26:25 GMT
expires
Tue, 12 Nov 2024 09:26:25 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ABPtcPov0YExQD0V-rcP89p7SmS89CWD5P7-p7yNmqvYkPIuKt5my4pLWr3g0JEcOANP8jHxM9lDwXYJkg
m
folkd.com/user/ 		4 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://folkd.com/user/m
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Fiber-ID
1700299585513x494058727836900000
X-Bubble-PL
1700299583072x669
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwMjk5NTgzfQ.5YJFcOdi4ajlFBqM_APR1BqM4pt1FL3JmqJsfDSf0JM
X-Bubble-Breaking-Revision
5

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
Vercel
x-coalias-cache
MISS
x-bubble-perf
{"total":13.1,"percents":{"top":{"bubble_cpu":25.8,"block":46.6,"capacity_rl":0,"other_pause":0,"pre_fiber":8.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":43.9,"fiber_queue":3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":507951}}
x-vercel-id
fra1::lndtn-1700299585528-506b71e455b4
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qb%2F1lWAeAJMs8aRCxl85plAjJFabTLIrd3zEJBfswohgtFB7FxFYHFU0ryR9m%2Fj8G4o%2Fvxvvq0hHL0YHmsFBc51ZD%2BHHgCljUxqLA6dGJJP4yPJKjMb0Z6doafxq481ilh3YQlBv44LgyF0%2FfANyNVCqGhs68xpDJnsSMS36lbxVtQ6F7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0, must-revalidate
x-bubble-capacity-used
0.008 unit-seconds used
cf-ray
827f2bf9ae289a12-FRA
x-bubble-capacity-limit
0 ms slower
collect
u.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Sat, 18 Nov 2023 09:26:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
csp-report
q.stripe.com/ Frame A0AE 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700299585759980
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1700299585759050
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame A0AE 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-30.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:23:53 GMT
content-encoding
br
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
153
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA56-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
p39plSCZQP1RtkvCRhSRf5t13Vn-ihNQrgByZIB0IOq6pUsuFeNUpg==
6
m.stripe.com/ Frame A0AE 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.73.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-73-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
60e18ffe8d8758ff4e0e66d907766c3b02a4ace528ef09abec8b4cc6d5b8bca7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700299586207356
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1700299586206916
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:37:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
56956
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 16 Nov 2024 17:37:09 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
V56T6WNWVZ98A02D
age
899483
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
827f2bfbebd4233d-ZRH
alt-svc
h3=":443"; ma=86400
x-amz-id-2
g9yZ2ceZ5NsRJ5Fk/EJ1qEJkIKPIU7jlfU671KpXAwP+Idw05wEbM2Slau5BhJPxmqLbrqrVOdU=
mmt.gif
imps.monu.delivery/ 		37 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=e634ceb0-a884-47c5-9981-592178c50d0d&a=p.d.l&u=JYM01M&d=%7B%22c%22%3A%22CH%22%2C%22r%22%3A%22ZH%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:42:22 GMT
age
805444
x-guploader-uploadid
ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 08 Nov 2024 01:42:22 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:12:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
829
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 10:12:37 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=e634ceb0-a884-47c5-9981-592178c50d0d&a=i.r&u=JYM01M&d=%7B%22auPath%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDW.A%22%7D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:42:22 GMT
age
805444
x-guploader-uploadid
ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 08 Nov 2024 01:42:22 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=e634ceb0-a884-47c5-9981-592178c50d0d&a=s.d&u=28f81968-7637-4e59-b276-64fe8525c1dc
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:42:22 GMT
age
805444
x-guploader-uploadid
ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 08 Nov 2024 01:42:22 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9175
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230082-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xa1czLzMDKOa2wrUQLILfnNKH%2BE3RwEoFQ%2BlFNW0BGZcDEjXe1ZOjeSCS%2FndFUxzAM0f7Q%2B1REJrAbsT5FtysTSuIi9BV53U1TNzlRIJy7758vZ05kPpHyuaKwWD1sO7qeo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
827f2bfcdbdb2397-ZRH
esp.js
cdn.id5-sync.com/api/1.0/ 		155 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 09:30:02 GMT
server
cloudflare
x-amz-request-id
0BY9GKFCMWMW7HH6
age
2806
etag
W/"5cdc7028bae687cbffcc9d7982dd9ad5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
827f2c01d98d996f-FRA
x-amz-id-2
63dxXQGxbJYfluiCVZy/OWmuxqepWdEkUDkRRyndLvyiQ0bFiWU6EdYqpab+o90iAPt7xBRNX+pFEtfl2QeeOA==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:01:28 GMT
content-encoding
gzip
age
671098
x-guploader-uploadid
ABPtcPrkeBTNnr7iwEOQsOO1crWmoZ9iqL2ey0CP8aUBoDmjemJ9aPIOtU-feRiw5Wy2dKUFws4yGGOQFv5l4BNB7C1_dbA4tPMg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 09 Nov 2024 15:01:28 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 19 Nov 2023 09:26:26 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 07:38:20 GMT
content-encoding
gzip
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
6487
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
IkeLT-V650yiwysTO-nYHc_I_DggQ7-8TL1RATGa5QtMlPCLKtGjfQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.129.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-129-71.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Fri, 17 Nov 2023 10:05:37 GMT
Via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
84050
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
xnvTSmLURe0YrLSwIgcmMzhEhvIWJlshRvu-0qAVJ8mpq13i7h3gUA==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
2513a7cc38dc6404460ae4a99bd24a84
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=1842211763220863&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDW.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700299586029&lmt=1700299586&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEhkKCnB1YmNpZC5vcmcY4POCjr4xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGODzgo6-MUgAUgIIZBIUCgVvcGVueBjg84KOvjFIAFICCGQSGQoKdWlkYXBpLmNvbRjh84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjg84KOvjFIAFICCGQ.&dlt=1700299583262&idt=1106&prev_scp=sesspv_refresh%3D0_0%26refresh_count%3D0%26pos%3D1%26tabVisibilityState%3Dvisible&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse&adks=3006380593&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
5c2e3d2e8d09e0ba77d54f73668be73765b97df06209c0fd0bdd92cf1811ac87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
642
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 72A5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js?cb=31079657
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:37:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
56950
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15254217830347453119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 16 Nov 2024 17:37:16 GMT
apm
folkd.com/user/ 		4 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://folkd.com/user/apm
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Fiber-ID
1700299586209x206716304501096900
X-Bubble-PL
1700299583072x669
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwMjk5NTgzfQ.5YJFcOdi4ajlFBqM_APR1BqM4pt1FL3JmqJsfDSf0JM
X-Bubble-Breaking-Revision
5

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":38.4,"percents":{"top":{"bubble_cpu":17.8,"block":20.5,"capacity_rl":0,"other_pause":0,"pre_fiber":61.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":18.3,"fiber_queue":1.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1024391}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.016 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::h9zvp-1700299586224-094b4eeffd66
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnlTEHBv9BYrjUB8O%2BpGXN9F0rCK2en35mZoeKEKcUrqu4lzZ%2BJ26nm8TDQET4muEiFO4%2FkWz3T4lLF2cPvYTMOUdokGMAjCUJ1wGnxlVuIOLLbXmoXD1zg0lPd7jxJfeXL3lpKptlLdPMCgiSknPVNT1QilDIXEJoPuhPMFJyOA33ve%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
38
cache-control
no-cache
cf-ray
827f2bfe2d82667f-AMS
x-bubble-capacity-limit
0 ms slower
esp
oajs.openx.net/ 		0
0
esp
oajs.openx.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-coalias-route
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://folkd.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 18 Nov 2023 09:26:26 GMT
vary
Origin
via
1.1 google
x-powered-by
Express
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsQaB4L9asAd5nvX5nIiFjgCrbuUI1t1zTdn33AdxLiwiVUGhHbMn23uMISNeA5RQCIb8zZH68KpvFPvIY3vXb5zgxYSsfmjQtYaf4PGihoMRoELWeMw8kYSL8Nc2EOns18%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab8524c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2eoMge0QeA0ltlsujjV9ep2upc%2BRoxooJC8VMkmBY%2BWrS6FTeWMr9n2EQGa47sondD1V9%2F%2BGG5o836rtMHAsoAr4SaOWb5SlvUeRep3NjWsUJrUdoKQzDe0QeSOgJN28S4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab8624c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72S4cZKiXtq8u03zPMeu9QnTLInq3%2FV1eJvVFP8FeNwV4Fe5GPnIhMV6tG2ZU48L%2Bx10aVCEScqM607KOMVLVA0znMCvp%2FuyG7FXP6Kbqx%2FldJOTAYd2JR2%2BMNhkFq38Dro%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab8924c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayzHCDePlnTRS5wG5mtb%2F8M9%2FgpBA1c0WczrCyNQ1JwKI50hwWmDjhPHnTh6k02whdbJEMtcbBFfXNQ5YVfb4%2FZ1UtF5fFUjQHPI7reiGzc6TsjhutJoGYHfPtlxqwcxI9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab8c24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZHRIUikgdbmhWEnij0ln1dAnDKZutORl2CafJIvRbJ2TmzzZMXcz%2B74UCuHFJ06T7bXxai63Jm2pIi8XZ%2FcuHaJAmMNjAH%2Fn%2BmIFT4npmy10OOydx2p93WgOGe%2FG%2BGjldc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab8d24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPxnwpwvEAzoQLgevJPoE5WY%2BhyTPdqBHQKTEv6a3raS1dG4tqJe7wRF%2FKbyUa%2FyWPlS9l46yUIV6PNMrh8os7ndt8RnLG8cJPXp4i0AOW4Q9B0s8RlSuZiKoFqBq%2F7ernM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab9024c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNZwgMBqRO0SWw77tNjgSvnNhxOs8tw271ivIVghyfsnEER8P6tqU1SPXlUtO4r4QU7dd4nIDBAfImSazM8fNUF2Y5dUmrviv6no1XEa8Zse0bMfxxTDEa083vsmZlOA3WA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab9124c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sN8oPsvxL0h9Z1qgZNFe%2BT%2FrU2GsABhf0Lgi2koQCGt9mPkIaXLkwnxY7d4PlAjtxru6bphlJhF3g2FL4KDJsMBvY5J2QBaBLwC6Pa7TGMUcOSudI5L6qrx0Bgkxq3V0HR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab9224c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOO4tIcTO%2BjOU5rG78bJs73P99eIQRFS8n0INCWpqHDn1VyIOilN5k650XnZYpwiwKijKpD6vs4WbFHOkDTOovfo1bQXArMeqCmjJoGuBMimqac2QqSV7GVxtuwoa7Ziy%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab9324c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWQJQ9VO0MFGgsYIhr3LwQ34MsL3g%2BX9rT4Ib4YVC%2Femxx5sb0eRDl80d9vlEb0bxPAj19PWIUXwZZpY9WryhQnzvoZxpDqOnOjC%2FpAzs3AZHttCUxb%2F9Q%2FhYrr0OF0%2FQQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab9424c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y6ZFcF%2Bj2oCEardGAj7oDehfOAu6tlqldYi5g0DGdjaXThS85dT%2F3GO50BbFL78Gn%2B9Y20kKI744Y7VbTP7LSt0uU7AlUfWpFigfIGN7HTy158Z1tXLh%2FM7YWICgZF4dgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab9624c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2aoEKszYfz2YDzRgDovEqpmKuTs4vrFohB%2B%2FlKIv1qK%2FVcTJkOmX5XBRWM9EYiHIaYk1110iG%2B57omvpSNqgK190CyVZhMKHU2QJK1%2B0sJKpFN1pYCcsB%2FBOYtfFDP2iJM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab9824c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvBtkv0fEbQIExBMsMsJQikusJyvdZCbZeRd8lOxI%2Fnu7%2FnxOlLankotHfQzD%2FRkmqE19AtX%2BKF4RfjIHhdUOGD4LTWVtPoxqj4BAc3OnPyjM9kO1d12KbjYybE35VxBLMo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab9a24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whgFzW2XT2yGhVRTyWiyfsN0tTg5kIeoo0rt4dhxYuAomZh3GCCcCD9GWX9NuJHGvL7yCXNfbPN%2BDm3ngvXkAj%2BD2ZMZjQ3GMD7trC%2Be2iwM4JlxKbfz6w4%2BkUKcQde0DSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab9d24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq7rPWHOGaDiPcI0l6BwmpKgOi0jZv2vZCbWw9rlV%2BtLMnW8XfLpsUgXdBeudzalB9%2FWhru0RJ%2BWHxOlK%2FnxkLqS%2F0FmR4pwd2TPc%2FNM274vvyT4kH0rbUnMeoaOmTi4lsA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01ab9f24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz17gbDLwOWsziC1ssyPYC4%2FCw%2BNphiF%2BsuebMDsmv%2FAbl86xpa19pt441T3ecK4kNZqTtL%2BwUXj7RSmF7sdtr0tVgY2QIQu%2FcLLHj6mAYEQnYgre%2BJJq3Dz1ABw3tPJNfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01aba124c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xo8IKZe%2FXPlhuGsAs0Vh%2FF9knHTn%2BK52APFXEyeVNZeCDjQRVjKXrzl2BJRg14mtRcgn8ymb51Slaq1Y3Cv%2BzSmQ1LQKQ2Yslr9cBe%2BWdyoJM6Eh6UYKKaH2b8xpMR3kHzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01aba224c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638389
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NF2hZfcmADDUaTToGxCGe8yAaGj8iX94C2WTBizEXf7l9LIz8QAPmZiyDPnYNgXy59%2BUc45Spq7fxWeANouk6EvLcDrI5E2FbXHv2g7x79S78EsYPq3VuHbqZXmQKl1jr9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c01aba324c0-ZRH
map
bcp.crwdcntrl.net/6/ 		156 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.65.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-65-19.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b428e9530ad078976c75304caeb75aeadadb4e21a0dddfca40689fd5e2e38382

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://folkd.com
cache-control
no-cache
x-server
10.45.20.47
access-control-allow-credentials
true
content-length
156
expires
0
encrypt
esp.rtbhouse.com/ 		201 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
17a676d0e8889ed344c64917a3a57efe9e39250df9742350d989a9844212a84c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 18 Nov 2023 09:26:26 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
21c30f4f3ffbb694afc9eec8ec614da9
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1700299585268
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Wed, 20 Nov 2013 09:26:26 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 		36 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1700299585268
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
8b6e88cad582b90c8a2b96b27bfd31501118856fe08346ec86ec4f9e24033018
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-query-cache
1
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Wed, 20 Nov 2013 09:26:27 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=e634ceb0-a884-47c5-9981-592178c50d0d&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 01:42:22 GMT
age
805444
x-guploader-uploadid
ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 08 Nov 2024 01:42:22 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=441460176231338&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299586669&lmt=1700299586&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=0x-1&msz=0x-1&fws=132&ohw=0&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNjMDE3NDNmLWJjODItNDE1Mi1hYmY3LWQ5MzQzY2I4Mzc1NBi59YKOvjFIABIdCg5lc3AuY3JpdGVvLmNvbRjg84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhQKBW9wZW54GODzgo6-MUgAUgIIZBIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4POCjr4xSABSAghk&dlt=1700299583262&idt=1106&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=494828697&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8201b5c040cc1a6478e5738920ca0b8458705c85e7a8adfc149f225aae121f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21019
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJT3cr4%2FdAbLMwpxQWrAFBT%2BNMGN0RK948RlBOwe5HPaOp9s2Q%2FT05iuMAzvN3iHc8W5%2BmgluvQMU4EfS5FPq9D9%2F5HZuHyUBhJgBJ2jFwt66Ma1CYz%2BIyQxvaNAj459NOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c064f8c24c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8pgZJZnEvsQTXQUyT7bjzU92lQFqw0ociByCgGhnd3waeuNvujh5JtXtSlz3oprQUbF00VA%2BbDvDbvvu0jn5VxdrwPrCSNXph%2BbBRSo6g9jdgNxXDg%2FbcrmgRIBCieT3y8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c066ff624c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1R3ByM7V6ZjZE37mi1XXhyyincmgG0%2BIPT2ki2p2zLiDVyghXukDkVj2s7RuCi9%2BU8mvqgy72%2F81jd6ptEs6BdS8D6ekZZZkDqn82dc1yYcatswDDZYAtHMOCvttwSpuz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c066ffa24c0-ZRH
Alliance%20Logo.png
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/m1QSTiARpsIqLV2hv8UT1QvWcu8/XgYFfQ../
Redirect Chain
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/m1QSTiARpsIqLV2hv8UT1QvWcu8/XgYFfQ../Alliance+Logo.png
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/m1QSTiARpsIqLV2hv8UT1QvWcu8/XgYFfQ../Alliance%20Logo.png
14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/m1QSTiARpsIqLV2hv8UT1QvWcu8/XgYFfQ../Alliance%20Logo.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
142.250.184.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f27.1e100.net
Software
UploadServer /
Resource Hash
edfba6505429028d5a2cfba8da6c7173996f0e0debdd996b02bcbf23016ffa12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
x-guploader-uploadid
ABPtcPozr4VghEv9cmM5eIQz2CSbmvaAOcNqqVFeWjTVK_b_jauQJgGov5NXk7awQhnHuGUYNoI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14549
last-modified
Sat, 21 Oct 2023 12:17:31 GMT
server
UploadServer
etag
"9328e712d625d9d7a9072c928b7fb98f"
x-goog-generation
1697890651721915
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=YKiDEw==, md5=kyjnEtYl2depByySi3+5jw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
14549
accept-ranges
bytes
expires
Sat, 18 Nov 2023 10:26:28 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
deny
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
location
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/m1QSTiARpsIqLV2hv8UT1QvWcu8/XgYFfQ../Alliance%20Logo.png
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2023 09:26:27 GMT
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZgN5Eia84%2B0JfHEYenj%2BGw8TA%2FRMjCEx8Ac2axO8oz0Ky61YEh2wTi90RorDdgQySUx%2B97VGOPYQu3NLsyMitvnQnV5faDuQmJBqbnPQxFeUKx2YvV%2BRgz0MFVeDL2vtqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c066ffb24c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfQ84kolfGjROVHmT3J%2BLcddGcjK5jk%2Bgvd5Co8jOTgvRZ2EUsAY13LSHiY4Pas5iQJcWrQmh9Y2JFUzwJXyNj2010VF9WiMDtj2AnDDb3GI%2Figg4YLsoOeZ1cBosKtvecI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06883d24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKJZZ1WOITZRXlhvece9Tk6WGlkwbqLIh4whixoTeC3GkFQoi9zDFF2J8uuTWJFq07MmGPtiuspTynGeLRgDpbAKSahDMt6yhaMurbc81JhEkWXzySm2pFM%2FgVR9TuZ5WTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06883f24c0-ZRH
imgpsh_fullsize_anim%20%2840%29.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/SIS_C_cghKTIufXnH2iHKIozqzk/mAPCew../
Redirect Chain
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/SIS_C_cghKTIufXnH2iHKIozqzk/mAPCew../imgpsh_fullsize_anim+%2840%29.jpg
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/SIS_C_cghKTIufXnH2iHKIozqzk/mAPCew../imgpsh_fullsize_anim%20%2840%29.jpg
95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/SIS_C_cghKTIufXnH2iHKIozqzk/mAPCew../imgpsh_fullsize_anim%20%2840%29.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
142.250.184.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f27.1e100.net
Software
UploadServer /
Resource Hash
ffe4a5420562d83b96d0098fdfc95c5e4d31f9bd74cbd3415a39bf78da65d3d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
x-guploader-uploadid
ABPtcPq0HG_mur61K_Zy6TA33285Zx51ZRKak12Wa3G-ULJuMowTzKsC3GRBBjPdWbmELJgaVW4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97412
last-modified
Thu, 07 Sep 2023 07:07:36 GMT
server
UploadServer
etag
"0e47796dcd8de7a9777436972312ddaf"
x-goog-generation
1694070456379214
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=EpAUPQ==, md5=Dkd5bc2N56l3dDaXIxLdrw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
97412
accept-ranges
bytes
expires
Sat, 18 Nov 2023 10:26:28 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
deny
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
location
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/SIS_C_cghKTIufXnH2iHKIozqzk/mAPCew../imgpsh_fullsize_anim%20%2840%29.jpg
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2023 09:26:28 GMT
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
952 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bk01KNwum1WODL3FAuNHTN%2BEqwWKOuDOM8Ko7Rr0nxLcILcje1zF9%2B1DeCbkq8mWK6B%2FgoIXySy2WbVGKTOf8QSAZosaFF%2FDyCNQmIiK2rLZeRtrgmD7s%2FW70fvF8XCEhNU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06884224c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9B9IW35enWSv6DMLazKZ5TBrrgNCTY9BH5JAWQBhPcCSXA8c12ljRBcqTODyl6oJr9ziGCUJ3WFE0S6WsMSzET6JKrZ5Q%2Fw2tZmtDaq4HlXiD8fYaiWc%2F7D8pEqUK3bfY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06884424c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaunkHHuwCl6mtVkV%2FsaC%2F2%2FN2LKAef%2F5Q3shk%2BtEn8PpvT3VWw5hz475CIhJBdS3ZrMs3bo%2FQSiBplLx6isI9OTjRdkLy7fKMS5FtNDGcWQ8yhF9wBg3Qg5xB8rRwp7dQg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06a87224c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZw2Q7i4A2o%2BdDcgcJ4OR5udx9W1lGLpj4OrE%2BObdXYaqbolroe0lqH7QssdwTmTtA3rpp4jRRgEemlGygjH0Vm%2B04tACYTUXA21YEAJz3mwjXEUfZzUN%2Fr4tHqbX6txDOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06a87924c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=798VI3xfK84FEIyQkBiONJUaGIXMsr6YxgOWxNsZs4fCz7goR8JBH05W0XX6P3jmo3Kr0X0q4yzok7Yl7cmc2pKj8qQ1SAGyu%2FlIKVwGUpT%2Bp0nlNSUEpuEC3vuzAodZqMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06a87b24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yidJ%2B7xLQCrpLAYKZ2IvbPniYETVZYl9FdiPj3LM6iOdcYCJrUkMFd967tspQJk8hRfWUV5j1%2BOh5QMJ4U%2Ff5Ggzgri99gArzLyHVgLzYg2nnOg8d9lCSHq7UiKsZ6UzsuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06c8bf24c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLtGSbc94lRYCP9k1WD0pyzSTlHNSf76jwHYvaEXbcZq32TPLEkkBTAMHFspmqYg1dsJSqx1k1ulrICH1jLpf3fXLf5YkmpIy3TZr3T3f9hP%2FXRoDHywLIlaU2j5FTMxmN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06c8c324c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtBGE6gJDEMZb18b4W%2FSsRdUWcDQTMrzdv1Sl6KswnRRbvSfyltsniej3UZ75oD39NdFd5Qjt3lRpJdQoYYWjBv2Bq3Rd8uwtb0p44sFnm%2BJqcqm1VncPeF4uBfJsBIVzDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06c8cd24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4ZXb0uOP8ew4tyaHnCMf%2BAo%2FZvh2mHFDuFFkReuzGad530MPUv1JtEbER1Xdi8146Ff37zNP3tdkf%2BJ9dXa3IKFXj8BS34yxZoEeDk42yQk4Y0cF2toUOr80JeBhD2nRR8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06c8d424c0-ZRH
Cardiac%20logo2.png
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_XBg19V66Ye09gUMGf4BI0Z9lWo/tFityw../
Redirect Chain
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_XBg19V66Ye09gUMGf4BI0Z9lWo/tFityw../Cardiac+logo2.png
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_XBg19V66Ye09gUMGf4BI0Z9lWo/tFityw../Cardiac%20logo2.png
53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_XBg19V66Ye09gUMGf4BI0Z9lWo/tFityw../Cardiac%20logo2.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
142.250.184.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f27.1e100.net
Software
UploadServer /
Resource Hash
013cca5b5676b815201b3271ab86133383cba9435c42577efbf97733673c7f14

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
x-guploader-uploadid
ABPtcPo4as3uEaJux_mzV7g4Q8W7uOunkMsSnaYRjTCLmPcDAHJ4_V8o-9czbNl4FcND8hoznjQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54081
last-modified
Wed, 30 Aug 2023 09:37:33 GMT
server
UploadServer
etag
"cf86323c5804cb07316c6234efc1a628"
x-goog-generation
1693388253926150
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=UsZnTA==, md5=z4YyPFgEywcxbGI078GmKA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
54081
accept-ranges
bytes
expires
Sat, 18 Nov 2023 10:26:28 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
deny
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
location
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_XBg19V66Ye09gUMGf4BI0Z9lWo/tFityw../Cardiac%20logo2.png
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2023 09:26:28 GMT
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCzuOMJ23y3B5EjpiF0X3yYjlkpa3Mwm2twp8kOOTj4zVOP1Ze53yMsfwxqvFG1oLylnzyWK1yeu%2Fwo1z8X7%2FBQjaP2HNzXAnzlSW%2B89K5nFulWNjLKeREn9E7f9dhdV7Ho%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06e90924c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6dfSc%2FpAhxJC37KqqhC042GyZ%2Bk3VBsevlK%2BUGHDcVb7N%2B6FQl9%2B6B8Fc1qRhBrl3PWKzIvr1KRUKgHI%2Bep3GNjlQHJYvGAstT2JytpbC5QUvvu%2FgWmPJZ4qGYFURHZZZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06e91f24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASH%2BG9Bh845Ni22Z28Hz%2BePoRwxL4hTp%2FcvwTBYbFGdGZwTwQTzdejHuKFo0G%2F5kxFqmyhOMpdv8tRI2Wm6nKy193rscLxGrHV8sEe8m105uciAQJdxXzx7S3YT8seJb4m0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c06e92924c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKZGb5m9%2F9OiaTZww2X6hHCe8PT82jA21fSfKliApS0l5cb1FMWKiC0g2O30rEOmiZh9H2u3IOzMN%2B%2FyIm9TPFrieF9B8j7PSTp%2BgP4dWpajGUKkSCNXiliH6Cs6bhr7l2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c07095b24c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQRMqnPb2tTMPVRHN8gkBuHEF5zKgt3laovcQUovaBD1okp3%2Fvugt4r4UVFVhC1rNfglFN2eq3%2B%2BfpG7uc%2Fz1908vUOc6VK%2BR8tmoSArCcYJ2JtaKb6RPgxFur5NjNPyQIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c07095f24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P%2BLyaLSI5Bfmp4j%2FEwDQg5gRLQZ4L1RgKjnbczYqPEazAo99A6qRbxJkV0HFTvxJqS6vf2K2PkmTxk%2B%2BiG2u1MCxXuNFHQ2iXPDXgIDKnDKFEo3QxCuMe09pP6PhMawUss%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c0729a224c0-ZRH
Logo.png
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_Z2XjDaDMcbWLJ0DTTmEooBDNYU/-hYzXA../
Redirect Chain
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_Z2XjDaDMcbWLJ0DTTmEooBDNYU/-hYzXA../Logo.png
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_Z2XjDaDMcbWLJ0DTTmEooBDNYU/-hYzXA../Logo.png
305 KB
305 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_Z2XjDaDMcbWLJ0DTTmEooBDNYU/-hYzXA../Logo.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
142.250.184.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f27.1e100.net
Software
UploadServer /
Resource Hash
c5358760da2cf42ae62c22a703d2f7d019a5ec91b95942aa75a960dabee6d9d1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
x-guploader-uploadid
ABPtcPpC4gHEH9QuqPrv5WUTbflflnVCpeul2dB2-8VRIJMCSsj8ieZCpsKSjiVbmjkkuyIknf0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312057
last-modified
Sun, 27 Aug 2023 11:46:22 GMT
server
UploadServer
etag
"96d1cc6c37213451a14614aa4c7c8cfe"
x-goog-generation
1693136781998216
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=vFt13g==, md5=ltHMbDchNFGhRhSqTHyM/g==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
312057
accept-ranges
bytes
expires
Sat, 18 Nov 2023 10:26:28 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
deny
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
location
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/_Z2XjDaDMcbWLJ0DTTmEooBDNYU/-hYzXA../Logo.png
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection
1; mode=block
expires
Sun, 19 Nov 2023 09:26:28 GMT
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjGCss9Pya8I9fMF4XTS40b0fk4XOlTCQA7QTVYHKDI2OsbM3RpW0U0iaql3%2Fk4mUBs5RV%2FKGbimR2oSJLxxajJHggk0Eyua2tc1hbHiSFqQacXR5nsBSmFkMc4kIZauYaI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c0729a624c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgeh3OiLm5mdWoZ%2FzUPRs3i2dRdotZ1UjioSNn1ODjFKclHDxW9nATJLAlLSp8qkVwsGqpqNwxhlL2DJfplxE%2B46JztHfx6ZlFL6x7n8VerfZGMMK6zl%2BwudZAm9x1GqTtY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c0749df24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKV%2F9LRNyoje6gp3WKn8ze0j32d6YL7kAqe4YbkgqinNjQuGOAXCGHS6FouHg0DcdBrYJv5CD%2FzuSPf6AM4Q5yb1KR3vY%2B0YCWv2g5n2iLdZOY2vjdXd7%2BNe0%2FnmykcQH0w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c0749e424c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gp5J8gpmllletjAenUkaCvJrYBgTxnzzlgiee9bHagIMwTzODn31sIC6mlBTIfXc636JONt%2FBC7uTttq1NGcCEhOIowxYPa0uTjEDM3EYyzTb0Ywq6bxOHaWiSM3fq01wY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c0749f124c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8%2Bs50muOoNTrIy%2FdtDQ1BXYkdaqCP7LQRLD6tjeJupeKtuWo6O9%2B2XKPJ7MDVSlCw2kiXd2upPZtDVeOgLbE8mgi22NC0bnCiWh3hHCRxjKicAyeSPTFy3nnxXCqit%2B%2BRo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c0749f524c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8mpmFU7Y6EpUDZaLF%2FNtQczdf6ofNGIX9EkSP%2FrlBAAEH9Hh%2FtzUthNEx5MxHIxBgSskPbRr7iOu9ilIl2FYz8eDPdpBlOd7ctZfbno%2BJt8QowsgcuezsoL4pkoBuaev5U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c075a0524c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqkA5RPbbHt%2B6kvbAzt2rpp3U6ohLR3JYUBDSBzYNkQVpWmA%2BMxOk4gO5plZ7onktZkXfiWzPazjG%2F1zh8b2lb%2FuCz4BlCEB4a9cbeMpG9Qw5zMdNENThFfG861xlRTE88o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c077a3a24c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cw%2FZ2dVi0vEpZp%2FTFFXGHgg1OXDRn4iiavLB6cKANrUNUyeZqMPfXhLhZF8HtlOLq6kdwEbCLwMiXSGZbz54WCKdHLygRcOi7ygRMtcLI1WTz8%2F%2FTZuD21l7YvH6XVQ6qs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c077a3f24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BSP5bE7uTyw3uMdRwpP3gkjhF%2BNEfE5CE%2BfSVNuK53j9YJJ36OvBHEy33BK77RrxfAaIulqio2UBZ%2B9bam5NFV5KVs93Sag50o86QBzahb0bJ3Z9GcAl6C6DxiIsa5pqlI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c077a5324c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqtJulEzJyHGWZMu2Bn69rzMqOO3ArJFIPzyvjVcmfnR74mO6r11c%2BHeBIdAE9Xg8ResOxS99JAdVGqIw6gTJxxU%2B4YYELBG%2FseApkiFInvIqVG6fgJ61%2F%2FjRxkmv3RIqvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c07db3f24c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3X4FJwouydQi62w%2FX7oIKq48ThglZu2JKPORvHe3d5E7YQuPM0zh736bR6MHGwz0dVETQOAVNUUO51stsHhNL%2BziAS5hHeTrmjakqzTsmv2Mgsnd%2F7IL0Iq1uRTVCxj58s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c07db4624c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2qSb%2FQfAN%2FMzAahrQQe8zqaTWMY7qtoOb0IOm1wArgN68m5UsZbju%2BYqtZzrrLcAYhG7qfrlOV3%2BloO0XnPrwyHCORuniCXICYYKxu9WNT4UYG6OWy3uU0fTQLHVW3PAq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c07db4824c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNYxkbB0bi54f95HwHak0vkjAo%2BSH5rRBijtypv%2FYLkNsF%2BF3%2BWMyuou31Lmm6xN2pX2Lwt6e6Xry%2BoyA01G57wohnn2eY3aSa9LPJHKPQQ33tPIxHop%2BAAQ5Fijsk0BvtY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c07db4a24c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoSqV%2BtFEiP8AMtNFFEB8FsSCsrjzSDhElSxHZD1gy%2BMfflQWnaFOsiIfD5dWB1IUKHBAHTLrSMF0LTavaO%2B87nA270GszIvjF4d29eBXgXXzVxR2uttIGgTtNTvBnnqHnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c080b9524c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYjrE09gFtny8OuaSGIRR8O0st1%2Ba%2FrXBk4TU1OjaMRROI1jUizqoOWA0bu2hsMzSFxt409sKIx7nXc1ATMmy4vJGkIjecgYAh088o14%2B2iyzlPA4viyb0q8lUmGSDDB5Ko%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c080b9824c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7%2FW%2BEq3m5DyCcprgXEtriXFDSPTy5nFYoxyvBw%2FZ%2Fg8CejglM5omGf0bXed2u6RDkcysmO2PjTYIpuDWRuXGrp86IXxzfC1rTd227z6SWpsX1ouOe2rYl%2Fx53zgiJnEXNs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c081bb924c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xiH1u%2FRU6v3ZMUIpj%2FBv85IqpCRwlCSvuN7%2BA5IhdmgAr%2FNL0PWnUBUltjoTY%2Bz9YcZOQeYz9fwtGcSQKwHaEgMMXaO21iLBlLiyzhlPF9y%2F1vImwHvr0Gzsp3NbEzxJpY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c081bbb24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1CHY8XkL98kOKJAXRHwR1Au2Pcf1DvJ3jtyso5UOs%2FpgDFcSqQTqkNhsV1iBhxzCXv2FDT7pJFdXnCwZa3kfZBXkeCOYPZrPRSGYZaoIx%2BNW%2BCH0lf%2BQiDrscjRC%2BoHU%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c081bbe24c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12MQdc9D12I7%2Bn9zKb8k1jTF0Dpp2Wro80rWrGQtSep42JgXwIkEKIBdT%2FvW0mTf55Co7t8rXf09nAgwNbOZpua%2Fh10VI9u6ZxF5Yba2FG25uTdKtwQQUxGpeTe6Z74sReU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c085c5d24c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ro%2FVMlo9%2B3rNpIub%2FFRzqLyyZsOgnMngHcztDpYhwjZ0xGFWeNua05YKoPxRZNWpaigLDxH54J7gWcKX6FMO5%2BIMfludZBf7zgLT7KqJVwL5wpqI%2FUCsrzdUOPknqqfs3FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c087c9f24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FVKpv5mo5vgClhERMklOKJlziTik633np6mwES%2Bj37npIhxdoSAaDWV5FJIytiJQDoDK7CkXMMmvBhpBZijrK3JE6N7opIRQQ0rL1sVGyLZqgrGVuaAs%2FjFSWYGmoYE2mI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c087ca224c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsPNxPujTI5LpG31KZhoSKghKNwIJ%2BB8IfhSIt5Ohx0d%2FL99cALbiJbLDt%2Faq%2FWFqGpOjj4Pku8e%2BXUGBJhVixMj5EoiNylEi1skpvkJSqK1BF82PHzFpnESVz3Rb6DLvVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c087ca424c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftxmW7ktHWerTWIsLlcVTlt4KstSZIcvvIBm6d8BMwhL2%2FDlQ%2FT5quneoUzHX1uD%2BFBMpOy0RtkFw%2B8Lso3m%2FmfU%2BbRmdK2KcRqbAA3YWm7GcKgZLpDFEPXHj0NTK%2Bz8FWw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c089ce724c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxTXgTgnjrzmRebFWGby5HAW77AN3MT4FYIXF22GC8bTRxsgzLnZwv%2FmDO4NcBGPQPDkRKLew6grHQh0kGfc0A%2B9Sd9VCtT6LqinXQhoWC%2FPZ8jAxJYrjzSCD1KFJcrjcSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c089cec24c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeK6wbmUN5FpZtDfEd78LA%2BxnqZgk8rD6%2B1%2FDABkk4mbzI2t%2FwA54uineD9T8inQ8Xr9S1UNr8n8LjkeSHPKIPRjY8Px9KJ9E2EGYdxLtgtN%2FmkujpH%2FPaFQnkHM1hMQcCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c08ad2024c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=If%2BfHI4Z727nDNd%2FFRc2vs1rVBVk66ozgwkT5fdXJAEbs033hS5JZ6sHUr8mXXTwOtWhnKfXaEGStsVrLJ%2FBakvkfR02V8%2BPzVMh67rf3c4SowcoluuDKZeg5aEdL9bbebI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c08ad2324c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoLZU%2B%2FtujPp99qYORoOqj%2BMaPA3OMvH9ne0Weuu7pDFA6MuKfaaEdlv9P9Cq%2BLq2XwFzclU5kXe%2BqFVxwYJflerhguK37PAVYRaw%2BjLMhXdxihAfd8KG2Jz7FJgVn0EKIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c08ad2524c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlgexOe6MtIbbRI0hd0PhtR5eMo3ytz9kXaNCSSfDwhOeFOOGsxWCghJrDwDVGmqvCKJympc%2Fy8dd%2FejJDx3A%2BnZniGoOp3PvvpRNigAD%2BERE2ftB5qd0q8bx7qIWsw6kLg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c08cd5224c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f41P%2FgzpXmm4yz5vjjWDl%2FaoCM0fhbDcdJPZ6MQ4dt8ZiQ3eNhD9eXyR6kmQO4BtuR5sZdVIfzN2FNBBae8BUqyRBSlPaasEMWfxextWFZaWw3X8bikqpZOajsuNxT7fVXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c08cd5524c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Up9dc9yonDc0qE4XBMa%2FnGc2o0AAibf48lxSn5ywW4lqXuFK2G6rCrfTt02Y8pgZY12AI8DgQgwMdQPqu8jvYX4jba2ipreiC3zAsMmRAssufrV9Lcqb4797Ajd44%2BnXAXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c08cd5724c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481350
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QO8x%2BgrzkfAT2v0BqWDdGp1GoNBHp0i9VRT10wzWEqpScml%2BiE2b7Sys8lrzmm6jPZRJ749nXnu90wE2cHwvwZDWU8Ya1hzTRew6V%2BccR%2BlKkQbHYeTz5p1s3J3XpeaQUlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c08edab24c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891731
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FD3DksqWGk59JEbAjP0VL35uErcgKE%2BLgv7TT91pKcrYFIhzpslHjsy496L9N8ZQMVTI4EImTgM8mbBOZJtU2g2FimEis%2Bvydpkz9n5Ceud7wfT3BP3j8cDvIu3nkE3qldY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c08fdbc24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411100
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0AtBEcLMx83g0tAQXNGapJj5kDAsOxteYWieDwcHr28mwEaCbfsXaM9dZiMn8R0GqTwlf9WF7ZV0Tca4Erg9NcQV2XxS80GG%2BZ0wKX1xVq4TR1WJxEz9fPUGiM6OoAoTsM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c08fdc524c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481351
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHg5hFc3rhnawiBfoTGQRAaAePmSzsdDmCx4t0Fn0ZTuwJD6TAapdtj4g%2F1LU2hYeD1BPFLu1gxafJ3qbp%2Fx3Fs0E4WMtCySTdDcg8sfdOx%2BIhCP%2B1QDC9t0t81FGr6VIQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c090e1b24c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891732
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLsRbz9ArUf7A%2B%2B3K9kXUDmaikMCFx1%2BNNCgKZoTSjZEPpG1qGhkQrSuJHjyL4Cj5lyj9uwtqf2OfOEm7JDOnN09%2Fl3EOPdX6iMTpW1fb482BKWS2Oi6UjpmZhoqM%2BMa1E4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c090e1d24c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411101
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t89Dal4WafyRApnxq2QQ15tymK0rCiDHV0woUKCTvItGHdtELNI%2BbtFjSEy5esgcv8FLH2kB3gUp5KpbM3HuUmmfcu1f189f3YGhZ8MV%2FywqxAwqW6FpaYOwzxEiFqD8nBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c090e1f24c0-ZRH
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		359 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1481351
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6naY2q8qA3a7goB%2BdAEIVe83qAUqhi8l0N9MTnD3XstMoBFPx9psSPDQeeF0oz3TpIcDSTxwbqN9leRDVANTaQCyKZeJB5ygTBlhG88j7Adcxv295qX791WWmX6aBLZBH3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c094e9f24c0-ZRH
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		365 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
891732
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtiP9Eg%2Bz3vaZbMrqBRcALWxFY0Lout8KkeEsW868QPUN1A%2Bi50WzwFKmLVWfDMAlplhahpzu%2BCKQ3%2F7yJUAEt3VpZqXChYGRgaqzF%2Fv7s%2BiulFv3Pi5N6uE1mhzDp%2B3H4s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c094ea324c0-ZRH
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		330 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1411101
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyZKgLLJ95uMArdHFJGHm5jyzLu1ZVGZtoqwsdtvvBVzk6W1Ea0pHCbptwDoz0YqRD139pjSg2wEcomsmST4jvwGPx2xWapu6E0CIlKpLh6EsiNPPC6gEl3ApiyvuekFTl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c094ea724c0-ZRH
628246f25d5c1_Viconssmtlcrosslegs-bigthumb.jpg
apkainterior.s3.amazonaws.com/50236/conversions/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apkainterior.s3.amazonaws.com/50236/conversions/628246f25d5c1_Viconssmtlcrosslegs-bigthumb.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.62.108 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e734e7fa48fa0f104d9af196b4fcbf0ae9c2c9bc3d22b9be5093e0a0e31d434e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:29 GMT
Last-Modified
Mon, 16 May 2022 12:46:40 GMT
Server
AmazonS3
x-amz-request-id
6J7GXNYHEWG8TY8V
ETag
"2f093f29722eda5774c630b5b8207daf"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
155512
x-amz-id-2
csKS6vfKlsTIGmZMGqNf5dbuZmyMIok/e3TrAoum4VQVnzPsMo6xdoFhRjl8yctfZUeAc0hd+O4=
recruitment_agencies_in_south_africa.jpg
alliance-11536.kxcdn.com/wp-content/uploads/2017/04/ 		227 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alliance-11536.kxcdn.com/wp-content/uploads/2017/04/recruitment_agencies_in_south_africa.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
f7968fcb271b6ab80dcbd0ab70188c3bd5940168a622da5fa9cb8a9464d1c87c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-edge-location
defr
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
232585
last-modified
Fri, 04 Jun 2021 05:27:19 GMT
server
keycdn
etag
"38c89-5c3e9f2089bc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kernkrb1IdX%2BMBYNni74ljQ5iO2vZ4t7malcH7HqXTvubZ280cbCigBBd4%2Fr%2B53D%2FLN8gKml6tW4xS6RHo0%2BetW7fFFMXSSpXrWEGH05Vajwc5i%2Feolt5mtBlHWZgxc1tY4kmjtCfK5iMRj678p%2FmEdq%2BZs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
cf-ray
827f2c0c5aec9bca-FRA
link
<https://www.alliancerecruitmentagency.com/wp-content/uploads/2017/04/recruitment_agencies_in_south_africa.jpg>; rel="canonical"
expires
Sun, 17 Nov 2024 15:15:29 GMT
O1CN01rfOfXq1q41aMtqPHv___1602475441_grande.jpg
everlighten.com/cdn/shop/products/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://everlighten.com/cdn/shop/products/O1CN01rfOfXq1q41aMtqPHv___1602475441_grande.jpg?v=1594232799
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
12f803faa28a1090ee2ab1b5af6bcd94f810a929de20032ced4b2554343f2a22
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
source-type
image/jpeg
server-timing
imagery;dur=119.903, imageryFetch;dur=88.724, imageryProcess;dur=30.570;desc="image", cfRequestDuration;dur=121.999979
source-length
64452
content-length
11030
x-xss-protection
1; mode=block
x-sorting-hat-shopid
4415520842
x-request-id
0988e2bf-26db-467a-ae5e-b803c3a7f0e5
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 Nov 2023 07:05:16 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oL%2BEK5Xa9rJX%2F3PZoFJqJNo1jcmo%2FVfThbDKI2RjKCAmgdEgDoA0qwH7LTuQf0JREQ0UWVeZect92tA3SpN9to%2F3R%2BKADJ7zqQ%2B1Whf8BDC2a%2FmGnfkeKLpzSUWwHZlQdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
827f2c0a2f999bb9-FRA
x-sorting-hat-podid
73
622ed2e492718_10414219a-bigthumb.jpg
apkainterior.s3.amazonaws.com/43355/conversions/ 		356 KB
357 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apkainterior.s3.amazonaws.com/43355/conversions/622ed2e492718_10414219a-bigthumb.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.62.108 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7bdcaf0ea3548e1276a0f200bada6b8f08cfa8a6f7580a609204216e9eeb1085

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:29 GMT
Last-Modified
Mon, 14 Mar 2022 05:33:42 GMT
Server
AmazonS3
x-amz-request-id
6J7R1PT02JCF3920
ETag
"594af925d8d0f45ff40be9a726f762c1"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
364829
x-amz-id-2
0++GjO+ude9w7nWT5VkxizO8nqQVWlKugstrZYCHhz3873e8grMHXuERU9a7X9JYpDmWzGZlKlo=
00c5c5b37f6c71ad480e3c3959eb93aa.jpg
indotoursadventures.com/public/storage/categories/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://indotoursadventures.com/public/storage/categories/00c5c5b37f6c71ad480e3c3959eb93aa.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.72.215.239 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
239.215.72.148.host.secureserver.net
Software
Apache /
Resource Hash
0227847b36c05f5f0b26af8ed48a6e114319dd955c1ef531bb1fc1a92d2ee200

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:29 GMT
Last-Modified
Fri, 17 Nov 2023 12:29:48 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1595786
2-2.png
www.novalabcardiac.com/wp-content/uploads/2023/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.novalabcardiac.com/wp-content/uploads/2023/08/2-2.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.41.157 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
157.41.180.107.host.secureserver.net
Software
Apache /
Resource Hash
891662eefdc7e00791f5c3ea2ffd20f8ff597d6cd4ccfa5c3e539219560f1dcb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
last-modified
Wed, 11 Oct 2023 06:35:46 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=10368000, public
accept-ranges
bytes
content-length
5725
expires
Sun, 17 Mar 2024 09:26:28 GMT
what-can-you-do-with-a-horticulture-degree.png
fallandfallow.com/wp-content/uploads/2023/11/ 		547 KB
544 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fallandfallow.com/wp-content/uploads/2023/11/what-can-you-do-with-a-horticulture-degree.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.226.83 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-sr8.supercp.com
Software
Apache /
Resource Hash
d0d5fdba2d7a0ee4d7830489b4aa75ef643de12761a646b048f7cb1fb358db69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sat, 11 Nov 2023 08:16:29 GMT
Server
Apache
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Transfer-Encoding
chunked
Cache-Control
max-age=604800, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
cropped-Big-Acrylic_Final-Logo1-200x200.png
www.bigacrylic.com/wp-content/uploads/2016/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bigacrylic.com/wp-content/uploads/2016/02/cropped-Big-Acrylic_Final-Logo1-200x200.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.78.227.195 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.bigacrylic.com
Software
LiteSpeed /
Resource Hash
4118cacf914cb83c6e62f65bd76d189c4a9110f58027377465c40450d4808e89

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:30 GMT
last-modified
Fri, 10 Jun 2022 14:57:37 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
18524
expires
Mon, 18 Dec 2023 09:26:30 GMT
https%3A%2F%2Fvmsbiomedical.substack.com%2Ftwitter%2Fsubscribe-card.jpg%3Fv%3D1535371890%26version%3D9
substackcdn.com/image/fetch/f_auto,q_auto:best,fl_progressive:steep/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://substackcdn.com/image/fetch/f_auto,q_auto:best,fl_progressive:steep/https%3A%2F%2Fvmsbiomedical.substack.com%2Ftwitter%2Fsubscribe-card.jpg%3Fv%3D1535371890%26version%3D9
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-123.fra56.r.cloudfront.net
Software
imgproxy / Express
Resource Hash
b89cb45bf7db7e853ada26a94b1d10bacf0db8d4fbaaf2ad1e6c5f10ee225466
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:58:11 GMT
content-security-policy
script-src 'none'
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1697
x-powered-by
Express
x-cache
Hit from cloudfront
content-disposition
inline; filename="subscribe-card.jpg"
alt-svc
h3=":443"; ma=86400
content-length
50811
x-request-id
K9CdCZ8L51l_HB7CaFx95
server
imgproxy
etag
"sJCYNzr1VoOy12g1f3P0LGdJ8QsGGWeHJEKnwyOD62Q/RVy8iMTA1ZmMtbnBjMXcrZWRZRlBYeDcvbnV6MklMZDdieWtRIg"
content-type
image/jpeg
cache-control
no-cache
x-amz-cf-id
vM9w8YMVXHUG9i4sld_LJubvp5T3VW21zSW4BlrjBHFQx16ApX7d5A==
1234-1.png
turkeyyachtrentals.com/wp-content/uploads/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://turkeyyachtrentals.com/wp-content/uploads/1234-1.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.221.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929a8778efb23891b66c2d9c86b2ee1c65b3352b3fa115f7123e0b35f6bca7e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64948
alt-svc
h3=":443"; ma=86400
content-length
2435
last-modified
Wed, 20 Sep 2023 10:39:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnjC55Dzere21cF5akRbDSflhhYpgzc78eGU4BYQpPUFytib1HA9V3ZxAiEejRflR8ZF9AtG1lvh4K%2BImXADFIdvM3MCv%2BHwHEviHX3xwm1PdYBwC9WRzJPvoeEyzQ1ya%2BJ7uqI6vZx2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31557600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
827f2c0c0aad364f-FRA
expires
Sat, 16 Nov 2024 21:24:00 GMT
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkxsmM8mBHtnefjdjPGGAtcXSh6aorcXi%2BLzyg0RrQmJxm2dsEYkmNoJ3P%2FBEijNMIOrJwNhKSZe%2BdRiZv0xglRMI9azmjcySYsx4E7gh3WbrvUCvTLZLVCOmu6yHiKqK4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c096f1524c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nt06FtvoNWsCsjh%2F%2BEUWkopKuOBt7XYRQ73dzsnOWhpP8gY9ZEX%2FBJQ38QV%2B33%2FuspclTvYMQMQXf58oZtov%2FA5sMSUmuqesTXxpVZ%2FvFLEcVOxKc23dP1G9TOZcpOk%2Be3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c098f6c24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4TtX%2Fe8eCs62is9C3PBGmvJbN4WCjq8e%2B5meo9NVcJLHwCzQl9%2Byndcv9cpdSKzRcziSddYqYXQfiFruE%2F7aHjOnMSq%2BqoWfba0JxBlQ1HvyOr0gorOS2vxSFkrGMUXvWY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c098f7224c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mj0IqXDk1XcwPZfAH8mJqC1omkyV4uE4Zli6W3JjOQ2AMPsz37BKG%2BfgkODNJaRwfeu5GeHsKagRqPmPS9VhhgrxvtzWBVpcDxJe6n7crt%2FXGX1%2FtKQpW%2BmmJ8QwKCv7oeg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c098f7424c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6YXAQUz%2FvbOYY%2F%2BgUbg5sLwFNhyr%2BuM8DGqEwga79ELvBvP54GsLL0gRlyeVUsonI%2Fq9pCu%2FSEqsUCQ%2B2BMhZGV%2B5J09YhhMSS%2B4AnRIJM%2FAly7jDG468LJ%2FHXEXz%2Bn%2FaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c098f7724c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHUO97ogVblX5bF4mYeNeFWk45vISBoD82MZa33h0nYMqBMBw57F53hj6l4LlXQAv6Ox4LHrtmgXq5%2By%2BA6Mpr8rLc59EJP%2BNiRpCKnNLPxfZAax4nCIA2U0lETR1Lh055c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09af9f24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZiJyb7aqse%2FiApF4n%2FA0trBPepicelOf5uBM77Dw6Y80AtaDu%2By%2FmR9VjFut4SAMgJ%2B8v%2B57YgWuoVC%2BNdESDgHKqq9iyg6g7g2LIuVlzBrsSJE4UEFf7k15bPeVv230q8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09afa124c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SD9if7pSO6xfZBtww9y5wg6GRKtl5iII9ZAyOdiAjNu7rj9bUkJkpLq3RVGV52iSG6EwsZZP1rjh0JhhktHHS9uEt3aqEb288wsWywd1UMO7PjqnTxowdMK3YgX73RGxcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09afa624c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oREIJ7mObN7eaN4qy0ti51PDN%2F14C6wqR3S0U0R1M8YTp3H34AYehuraOmSuUIKwPpc%2BY36mYPJwAT6%2FEnf7keRDFwKluXSXVRCFyCQBQNX3shelp7yrTiu%2BAD4kNLMIlT4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09afa824c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jmw4PmI21ngU5BkYsdExnwgzbcafbLZMl%2B9LEYyH8XHiXsXt%2BLLt3YBcRdl%2FqZqBbwkpxWDxodtgD%2FWYgs3SSLc%2BQRt6tRRGDGKJiCOeXhx86srzRo2BevqSGTkoJy8raaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09bfb624c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnBsimh3fL5DF4aK%2FiiFSR5b1uj9HJXu1bKcsF3pIY6rYlBlbU463st0Wgt1yod73uBq22gd4QJY5ShBMUBOI%2BFRmL8wGru08bGww%2BWvD80kbN%2BLuP72uKatiTckOofZ2C4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09dfff24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
898 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfsJ%2FvUr2Dy2fSxy5XeB%2F%2Bv%2FlQJmnrRqETdP3%2F1Mz6s6fJrh0HcTiALWDK0shvOV4AcNrqXaImI2NaKyFf2RreRAsbQ4mfcv%2B7jUz5k6ZXT9DHRO6LJIcJ5C0%2FnsF4qkxcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09d80924c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89PqER8nfBmCX6%2BNu%2FYOWyFQIGtshdrvmFZO9lG6VlR7G5tiK1F%2FfV58xUgXjbdgsyK8QPzxtAv3w1nm6LQARP8irzGrzO9xJFNs0DqngfPpS6gummkzUNPBmTLLuwAxx8M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09d80d24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6%2Fa5G3mUKI3%2FWKdJZLiyQFsqF5%2F3j1iR1jGZcClFiN%2FESzUIwirf0v9ytwibr4RqB7Wj4bzlP8wY%2FY8uZSEEn5GG45AcZDDI8lGU1BiLCSCJBrsuOoUlVJ37Y6TYLmPAiE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09e83424c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOxpF1R%2BBWzstQOjkZm5yv9N3zLliY6bO096BL18h4LEaBQAFGasnzPokst3DzXhpFzXNu44fT57UDN%2Fcbk2xDIN3HT5C6%2BQi%2BshTNkqXOq0q9CJR6fcpfQUMOuVPRJ6QMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09e83624c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Oa92x05xIb1nbWDKirwqAI%2BBUu%2BxDy0N2Zfnik59VhBNUokVY2Tp1XpFgVPPo3YbUrSQQXM88jmlIq5Uxs4lbm3MMTY%2BJo8snhJYHST6U9Qfyk1u7789%2FIERjNVCF3dOec%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09e83824c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAo2kEpnZWRW7i%2Bj4ftTBCCBJmTpwaGPdfuahv6PilZXr2ebi%2BR3qNFMYzJnfls%2Fx7mukC5MfzaW4hSZhuwZptOQBpExCl9qtUHsiSTLvW9cPpuyfDg0D98vgQ7ICGg77gQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09e83b24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfislBZU3BCXHYPGqLsVHVfh7PzbRh1oaPUdBN%2FJjMKyzj4DAFIKPmruY1J8o2im%2FfUc1MktBzZdGqfSDPu3TGpT2v6db1TRKCwDxw06LrdBm7nr9dIHsT8kgmBSLbbxWHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09e83e24c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Px1LxClP5hd0Y4uWz4e1NlsP%2FnGt%2FBkrMm5dZQGJg3OEA%2FBG7vJHVuemqpXbOXR5kJi3d2FHV0YpPZ%2FAqFBmJXJQdkRmzfvS%2BQMNu0DdXvOavqUfnwTw9cuf1ESWdEq1UmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09e84624c0-ZRH
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		404 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
638391
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230048-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peEphdWv6r75XaR9oMcTrHt72kKf1C0gyQeqr9NZ1KFPgtYY7rQdBY129V2iw1CVfGRsMhBVrg4gji0Wrhmm3pk7JCstqSKEgIQrCpXBhJ%2BIQCs8UpM9RL2gfkUwWVbReOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c09e84924c0-ZRH
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=1920815678619136&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299588162&lmt=1700299588&adxs=386&adys=1813&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNjMDE3NDNmLWJjODItNDE1Mi1hYmY3LWQ5MzQzY2I4Mzc1NBi59YKOvjFIABIdCg5lc3AuY3JpdGVvLmNvbRjg84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhQKBW9wZW54GODzgo6-MUgAUgIIZBIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4POCjr4xSABSAghk&dlt=1700299583262&idt=1106&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D2%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2233693956&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
267f1354fe7b08e720a91d3ca48cf802087db8f658d26ca558e54880ce3059fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24424
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=1125332095500073&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299588180&lmt=1700299588&adxs=386&adys=2722&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNjMDE3NDNmLWJjODItNDE1Mi1hYmY3LWQ5MzQzY2I4Mzc1NBi59YKOvjFIABIdCg5lc3AuY3JpdGVvLmNvbRjg84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhQKBW9wZW54GODzgo6-MUgAUgIIZBIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4POCjr4xSABSAghk&dlt=1700299583262&idt=1106&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D3%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2566420883&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
453b9181fc79425a085b4b893c52831e09deec9346bf79e92a8c2c187986a431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23988
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=2102063555613327&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299588189&lmt=1700299588&adxs=386&adys=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNjMDE3NDNmLWJjODItNDE1Mi1hYmY3LWQ5MzQzY2I4Mzc1NBi59YKOvjFIABIdCg5lc3AuY3JpdGVvLmNvbRjg84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhQKBW9wZW54GODzgo6-MUgAUgIIZBIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4POCjr4xSABSAghk&dlt=1700299583262&idt=1106&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D4%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=752999773&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
bf425165b6951afcf5f4b417135f6ec8bc2f19b4a615523f556c07810d7da77b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23760
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=1477810099653618&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299588195&lmt=1700299588&adxs=386&adys=4491&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNjMDE3NDNmLWJjODItNDE1Mi1hYmY3LWQ5MzQzY2I4Mzc1NBi59YKOvjFIABIdCg5lc3AuY3JpdGVvLmNvbRjg84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhQKBW9wZW54GODzgo6-MUgAUgIIZBIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4POCjr4xSABSAghk&dlt=1700299583262&idt=1106&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D5%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2414587748&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e4bea54ec45f1938d4686e74e804a2b19adc7b220d4712331d01dc7ba5c27350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13862
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=2557237429340051&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299588202&lmt=1700299588&adxs=386&adys=5376&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNjMDE3NDNmLWJjODItNDE1Mi1hYmY3LWQ5MzQzY2I4Mzc1NBi59YKOvjFIABIdCg5lc3AuY3JpdGVvLmNvbRjg84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhQKBW9wZW54GODzgo6-MUgAUgIIZBIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4POCjr4xSABSAghk&dlt=1700299583262&idt=1106&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D6%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2954782562&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d4172543fee747f16fc31ca9f7e2506a4e561fc2d6a0260e1564da4245207759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23469
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=697919150107284&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299588207&lmt=1700299588&adxs=386&adys=6261&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNjMDE3NDNmLWJjODItNDE1Mi1hYmY3LWQ5MzQzY2I4Mzc1NBi59YKOvjFIABIdCg5lc3AuY3JpdGVvLmNvbRjg84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhQKBW9wZW54GODzgo6-MUgAUgIIZBIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4POCjr4xSABSAghk&dlt=1700299583262&idt=1106&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D7%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3024330878&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8e6e6907d263851c3ac40a80f9f764e325ad44ffc17ca3f9b3839777cba161fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=630193283709924&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299588210&lmt=1700299588&adxs=386&adys=7146&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNjMDE3NDNmLWJjODItNDE1Mi1hYmY3LWQ5MzQzY2I4Mzc1NBi59YKOvjFIABIdCg5lc3AuY3JpdGVvLmNvbRjg84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhQKBW9wZW54GODzgo6-MUgAUgIIZBIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4POCjr4xSABSAghk&dlt=1700299583262&idt=1106&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D8%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2533869661&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ee89a1ed030ed2aba51498702726f0a7251da11229681c4eb6dc84558c39751b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23792
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=95385519914393&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=10&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299588214&lmt=1700299588&adxs=386&adys=8031&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNjMDE3NDNmLWJjODItNDE1Mi1hYmY3LWQ5MzQzY2I4Mzc1NBi59YKOvjFIABIdCg5lc3AuY3JpdGVvLmNvbRjg84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhQKBW9wZW54GODzgo6-MUgAUgIIZBIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4POCjr4xSABSAghk&dlt=1700299583262&idt=1106&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D9%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2606919589&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a137f2dfc6b798320f0ad590149faa424ef840f2559cbc5117ebdf6d4452a1c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19227
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		57 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=2560151064596360&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=11&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299588219&lmt=1700299588&adxs=386&adys=8874&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY4fOCjr4xSABSAghkEjsKCnB1YmNpZC5vcmcSJGNjMDE3NDNmLWJjODItNDE1Mi1hYmY3LWQ5MzQzY2I4Mzc1NBi59YKOvjFIABIdCg5lc3AuY3JpdGVvLmNvbRjg84KOvjFIAFICCGQSFwoIcnRiaG91c2UY4fOCjr4xSABSAghkEhQKBW9wZW54GODzgo6-MUgAUgIIZBIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4POCjr4xSABSAghk&dlt=1700299583262&idt=1106&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D10%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=4085529275&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
073d91268a1870e23cbe6d36d477e5f28d291ebd4fee55837fc2d1294bc657cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23515
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame E7D2
Redirect Chain
  • https://google-bidout-d.openx.net/w/1.0/pd?plm=5
  • https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
572 B
709 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5fa8401ed118fbb119282f02964c88b75f94376250abab0e186dc8ce97693bc0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
375
content-type
text/html
date
Sat, 18 Nov 2023 09:26:28 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 18 Nov 2023 09:26:28 GMT
location
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B063 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=e634ceb0-a884-47c5-9981-592178c50d0d&a=p.f.i&u=JYM01M&d=%7B%22c%22%3A%22CH%22%2C%22r%22%3A%22ZH%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:53:14 GMT
age
527594
x-guploader-uploadid
ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Mon, 11 Nov 2024 06:53:14 GMT
syncframe
gum.criteo.com/ Frame 9246 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:28 GMT
server
Kestrel
server-processing-duration-in-ticks
342107
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
sd
eu-u.openx.net/w/1.0/ Frame E7D2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216836833839915637
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216836833839915637
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3216836833839915637
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame E7D2
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=137abedb-edf6-8c61-8fa4-c53f19d55588
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=137abedb-edf6-8c61-8fa4-c53f19d55588&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=137abedb-edf6-8c61-8fa4-c53f19d55588&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B22WWMTH4PVBMFN99VDM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
77P39VSFDSMEXC64NBMP
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=137abedb-edf6-8c61-8fa4-c53f19d55588&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame E7D2 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=4bacc2a6-f15c-379b-4faa-47a871e69e68&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E7D2 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjdjMzExNmMtMzgyYi02OTNmLTVhNGEtMWQxMWJiMDQ1MDA4
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E7D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DEB4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FD3A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F7F0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6063 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C9B3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6391 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
protected-by.clarium.io/ Frame B063 		0
0
log
protected-by.clarium.io/ Frame B063 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:29 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-max-age
access-control-allow-methods
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
ym.1.js
static.yieldmo.com/ Frame B063 		471 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 08:09:10 GMT
x-amz-cf-pop
FRA60-P5
age
76016
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 14:12:13 GMT
server
AmazonS3
etag
W/"85b25619738a6e04dd868ea9b98ac8e4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
gThyG2qfe8oQJ7tJTEnGfvoCoUWm-AqNRPflAr1o8vqdn06xqRV7ZA==
/
track.adform.net/adfscript/ Frame B063 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=67903448;rtbwp=806C8143FF24DF89;rtbdata=qv9ejJzjOeY0mZ6kelq-8rCsK4l_2OrbyrWNLVyijSev9q7VT4QsEn8WJY_TAOcRKottOvZdx2gcEiFQAXk0L81D5ldv-icmD7TriWI_HNKXcAwlMqKl9b_M7cVgQJceqq8HGtFeB_QK6FpHMkg1aJ9nofLwBviHe9hsTx5gWIzfHjlKoWIM7bxm-9bbr7k1GEbEH4l0xcnxR4cnqKPElcgoE-BgNjqVlLBmWJ6IOjRftqkaem0r5Z9rX14qzbssOf6xLZNG6FPuXFK4uqwgo614bYjQ2y0BC9fw_n_QWtVctNMQfXi_9jaQopJ01OkwOuaDf_o-wm4gKQoJeufOeKIGF5b3gnf93_xcUB520rDSSFdHB1pKgTnba820HxKTWPwCPzq_Z3WKpjMRdn3So8N4iOtIBxgX0;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/fra2/0/7ee0698c-2b2f-4da7-a2ce-3841c102f763/
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
208d9ab59856c960e751717d6bf40cd27694e5e8757564dfa3e4c6c2c0f7f2e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1114
expires
-1
ev
ads.yieldmo.com/v000/t_tkr/ Frame B063 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3409479147974783662&pvt=1700299586968&plid=2521236318193655889&imp=6114423632850686324&rep_meta=mN4WpyQsj7QNnF5O9Zy6Oj25zLc9fZadnoU3nNrtmD7xreTeckMr9H_lrniBAehRswAqsHqZ4F-qDBPO_SA7un2OSM54M0SVWi0eWoZIag3da00tCvMi0G-273CNRB0GtHanV_IfXRL-y6-SlDpXf_K02tmpFwgzv2vTtErNgTO-UEpkLt08YHKhC15P3vKStOaRP1GirjaM9U2gkUGpFukcfSZa8dT1v9bkV1FjTAEUHgRckbk6DHO6iBrkYJ1E-ZLBn3SuZoaY_ma1bXd9vfUzN4OPRkC6aido33vazLfBGgtPIXSJb18LzBe0MCvQv8zPkTrQrdkCvwkHCPHBZVttXDf7OaXf-OZNkw9ukXOA4C7gh3D8mGHn1W6yt4Xt
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame B063 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3409479147974783662&pvt=1700299586968&plid=2521236318193655889&imp=6114423632850686324&rep_meta=mN4WpyQsj7QNnF5O9Zy6Oj25zLc9fZadnoU3nNrtmD7xreTeckMr9H_lrniBAehRswAqsHqZ4F-qDBPO_SA7un2OSM54M0SVWi0eWoZIag3da00tCvMi0G-273CNRB0GtHanV_IfXRL-y6-SlDpXf_K02tmpFwgzv2vTtErNgTO-UEpkLt08YHKhC15P3vKStOaRP1GirjaM9U2gkUGpFukcfSZa8dT1v9bkV1FjTAEUHgRckbk6DHO6iBrkYJ1E-ZLBn3SuZoaY_ma1bXd9vfUzN4OPRkC6aido33vazLfBGgtPIXSJb18LzBe0MCvQv8zPkTrQrdkCvwkHCPHBZVttXDf7OaXf-OZNkw9ukXOA4C7gh3D8mGHn1W6yt4Xt
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
track.adform.net/rtb/billing/ Frame B063 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/rtb/billing/?bn=67903448&rtbwp=806C8143FF24DF89&rtbdata=qv9ejJzjOeY0mZ6kelq-8rCsK4l_2OrbyrWNLVyijSev9q7VT4QsEn8WJY_TAOcRKottOvZdx2gcEiFQAXk0L81D5ldv-icmD7TriWI_HNKXcAwlMqKl9b_M7cVgQJceqq8HGtFeB_QK6FpHMkg1aJ9nofLwBviHe9hsTx5gWIzfHjlKoWIM7bxm-9bbr7k1GEbEH4l0xcnxR4cnqKPElcgoE-BgNjqVlLBmWJ6IOjRftqkaem0r5Z9rX14qzbssOf6xLZNG6FPuXFK4uqwgo614bYjQ2y0BC9fw_n_QWtVctNMQfXi_9jaQopJ01OkwOuaDf_o-wm4gKQoJeufOeKIGF5b3gnf93_xcUB520rDSSFdHB1pKgTnba820HxKTWPwCPzq_Z3WKpjMRdn3So8N4iOtIBxgX0&winparams=E6eVfkogogFxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmXEDQ0DWF9WL0bDtFsQztHPV6eYhim5RemEtKXzSXnR-4f47lQKHAawroWkcySDVon2eh8vAG-IfZ03UjYHMsPA2
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
expires
-1
7ee0698c-2b2f-4da7-a2ce-3841c102f763
beacon-fra2.rubiconproject.com/beacon/d/ Frame B063 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/7ee0698c-2b2f-4da7-a2ce-3841c102f763?oo=0&accountId=17070&siteId=157298&zoneId=749704&sizeId=2&e=6A1E40E384DA563B9074368DBF92E98DC587529979409DE7D4825FC48FAD1C6A0D92985675D9975CFCEE2859E2EA1D170B20BB617D05D10F8029A4EF05BF6B2EDA116DF704F3A00E603ADCF9E6B5CDA79178B5277F25D94A113E078FE25335AC2D71AE439E23C7A1EBCB9DDB564CD792FD681CACF1B474553F76E2D30EB456789ECCE30F5F21466B5B712B6AF4141FB124F5207A2458AD77E4684371C7477EEC48E5B231CD0D7FBA2F016C1072CD7ADB94AD55581A7184C173DD3F83E4643498CDA10306204D320B
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame B063 		0
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LP3UH1V1-21-638U
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B063 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B063 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame B063 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjSH9CArp17eiAe-09kAkOZcK6oxL8hrxBp0FAa3isyc_xN-VEOJCaq8bAxCFHr7pQSjLR4DTpoMh1xfjZ_MdOskPfUg
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B063 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B063 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:29 GMT
pixel
protected-by.clarium.io/ Frame B063 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfgs1hnf&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8xXzFfYWQifSwiZHNwIjo3M30%3D&cb=7154414&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C48E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A740 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
u.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Sat, 18 Nov 2023 09:26:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
ym.1.js
static.yieldmo.com/ Frame DEB4 		471 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 08:09:10 GMT
x-amz-cf-pop
FRA60-P5
age
76016
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 14:12:13 GMT
server
AmazonS3
etag
W/"85b25619738a6e04dd868ea9b98ac8e4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
aSZA5awr5i6-s5ZbhA_C1fvkcOZaYOwhUoD6pNCBmDUVqxh3vztVdA==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 69D3 		281 B
459 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUhp3iJKyaK9BHAqRIe5CrQy8Aj0QgRknqoO111E4GaqlEz1kn_bCkgyrSV3mbFl5kQ5jrnkWTUScH9VxVQCSYzf7O29G-Kg9C1f0U0dcS_MHRC1aU
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DEB4 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32789
x-xss-protection
0
server
cafe
etag
17194431578830737671
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:29 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame DEB4 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3409479159525883826&pvt=1700299588345&plid=2521236318193655889&imp=3026408538004655441&rep_meta=wp0oTkO9jiLS7M397yo0MNNJIY2FplBJelJkJKX0j6lfrds6ZxfAs1nDhF0Udv24iHcWB0td7YNrEzGMF2Eh9KXI5lTIwPC-c9-_XHMKTB4gNbKfsetKqbDuZuDNeKdCesapgjWnbS1JzLTNTrW54qOeV2URqpH1Q34O-6kcVEWdTjVCryw9Q20Dnrr3lbRS7WACAjrYy5W8McjQP-DD69U7UX_CzIdWQB1zFgnQr5gBP4yfPmNgTst5lEblcY02NQlEQ5PukekAyLKWPxFpcb5Lum0WvccVS2cZVi3vg2PrR9B2ivpealeNsJaiAeYZasy1i8YjF-rhZrJI3qCCtps1JHt6XzrR43ZUSU-kz6aMzIk9Yoxae-kE1xXEZMJyjo3hiRCO-ZeHsPRFbRC6dw
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame DEB4 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3409479159525883826&pvt=1700299588345&plid=2521236318193655889&imp=3026408538004655441&rep_meta=wp0oTkO9jiLS7M397yo0MNNJIY2FplBJelJkJKX0j6lfrds6ZxfAs1nDhF0Udv24iHcWB0td7YNrEzGMF2Eh9KXI5lTIwPC-c9-_XHMKTB4gNbKfsetKqbDuZuDNeKdCesapgjWnbS1JzLTNTrW54qOeV2URqpH1Q34O-6kcVEWdTjVCryw9Q20Dnrr3lbRS7WACAjrYy5W8McjQP-DD69U7UX_CzIdWQB1zFgnQr5gBP4yfPmNgTst5lEblcY02NQlEQ5PukekAyLKWPxFpcb5Lum0WvccVS2cZVi3vg2PrR9B2ivpealeNsJaiAeYZasy1i8YjF-rhZrJI3qCCtps1JHt6XzrR43ZUSU-kz6aMzIk9Yoxae-kE1xXEZMJyjo3hiRCO-ZeHsPRFbRC6dw
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame DEB4 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWvlVFM2iHtQ3MW2DizMpCyn6Q5mQym81hASDKH6Dl38jasSZtulZOnw3fqJsqfyY4LSSdNoH5POabUFghi8psguAIWFx5cbeHLiTg_hSjkvZV_7w
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DEB4 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1832682424014107497&x=67&ct=76
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DEB4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DEB4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame DEB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTljojJY-PdNelGaY5hDNCqzyQKX3WGtu6UXwaIG9diBe-77TwDLWCYEIVv22nQickT-fFKOD9sO2F-0XGwrsmMuVVIhQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DEB4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DEB4 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:30 GMT
pixel
protected-by.clarium.io/ Frame DEB4 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfgs1i8j&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8zXzFfYWQifX0%3D&cb=3967202&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:29 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.0.js
static.yieldmo.com/ Frame FD3A 		471 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.0.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 08:23:23 GMT
x-amz-cf-pop
FRA60-P5
age
4651
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 14:12:13 GMT
server
AmazonS3
etag
W/"85b25619738a6e04dd868ea9b98ac8e4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
jhbLWGp3tYTZRdq7UmDmEqAeeFFAg_peMpp2U0uzRMduxzYaJ68fOw==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7773 		281 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUGUV6SeJ9kA3MLnFNWJNzA2QZE1I2vvaTxEKLKPC057OMRtu786wMLrnse4hV5zSH59VHtbKqpMgO2rC3sKpbpsQTEl7V3bRFj4wAoaqtLraw8_H0
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FD3A 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32789
x-xss-protection
0
server
cafe
etag
17194431578830737671
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:30 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame FD3A 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3409479159559442991&pvt=1700299588349&plid=2521236318193655889&imp=8262271627682735842&rep_meta=21lvrm9ZWBMrxS0sW5t_NoqZvwci0Jd8LCvX42FNDpGxY47o75rCZvAfd6blbnNiSa85lumwb_R2My-5vaAtCaa0sVtRZ3RB67LGFp9CqnHC8XvTYpBWJzuNJhnwaiMpmnYTG1gZC3Br8Uz_2RMYtJ4QeBP0iz2gIVETz548fvilJ52kj_8sQJQwhCAcOI8mWx_xQP__dMfBFJKVDKr067vE7lmMOBVuuArEb-K1MZdld9PgpnA4KeGA6Un9XmgfXbC-l8fe7GyYWTL0VgqOcSwCwbYVAxxLMbH85gxtCZGP_huN-3Rorzaqgm6qoLaR5dcyoBPDS42qhx2dF4BQ_Z8wSQhRtNs82CkGTUQ5iELHqqP_OR8TwyXyaSZEeBkJK4PrFbm04H9SXGZOjLHwsw
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame FD3A 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3409479159559442991&pvt=1700299588349&plid=2521236318193655889&imp=8262271627682735842&rep_meta=21lvrm9ZWBMrxS0sW5t_NoqZvwci0Jd8LCvX42FNDpGxY47o75rCZvAfd6blbnNiSa85lumwb_R2My-5vaAtCaa0sVtRZ3RB67LGFp9CqnHC8XvTYpBWJzuNJhnwaiMpmnYTG1gZC3Br8Uz_2RMYtJ4QeBP0iz2gIVETz548fvilJ52kj_8sQJQwhCAcOI8mWx_xQP__dMfBFJKVDKr067vE7lmMOBVuuArEb-K1MZdld9PgpnA4KeGA6Un9XmgfXbC-l8fe7GyYWTL0VgqOcSwCwbYVAxxLMbH85gxtCZGP_huN-3Rorzaqgm6qoLaR5dcyoBPDS42qhx2dF4BQ_Z8wSQhRtNs82CkGTUQ5iELHqqP_OR8TwyXyaSZEeBkJK4PrFbm04H9SXGZOjLHwsw
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD3A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwRpEUZtjYbViwaBRqCDM9u6AmkBtrcKJ7uiBhw4K8s16drbd-nd2IXjI3j8xNX2nCTfiOvHZyeJnPkN6cBb_Q5KVHGus-WVJVyxYUdJdt5GBaTOA
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD3A 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18129275253088823558&x=67&ct=76
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FD3A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FD3A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame FD3A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSNTPlcaW0T63yStCLoAkH59_mREMCXlKKJpy6_hwaGFa9yG3O3da6lay55K_De2aiaX8w6OZKniwpc4WReQNfAzUssA
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FD3A 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FD3A 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:30 GMT
pixel
protected-by.clarium.io/ Frame FD3A 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfgs1ihi&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl82XzFfYWQifX0%3D&cb=8580789&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.1.js
static.yieldmo.com/ Frame F7F0 		471 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 08:09:10 GMT
x-amz-cf-pop
FRA60-P5
age
76017
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 14:12:13 GMT
server
AmazonS3
etag
W/"85b25619738a6e04dd868ea9b98ac8e4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
hf5YyR6xjhnd4eSw1LzUBRHlmt6drCNDM2sBpCPFZrU8UmR_fC44vQ==
pixel
googleads.g.doubleclick.net/xbbe/ Frame EEE0 		278 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNWLqJOKGvxTVVncG64Er8BsAlgkyLnw_mjbNgOXuakI4bxPlviphAQqlDR1GGNxxmKEAqlSazHLn7VNvPaAUgjZalr5uDbGhwqLf8ENO5puFLOLC2g
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
104
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F7F0 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:30 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame F7F0 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3409479159609775368&pvt=1700299588355&plid=2521236318193655889&imp=1597194828996417213&rep_meta=nnvbVSBf0xiPLz1TuRLkfws4Bpl7gyeOf1y443prV5bEBQFx_QEo9R-0blWx7Rs_4Hw96AVy-sp0SUvc7Dp62g_VVeBIQU1Ft99d6x45swylQ7z317kQ6EpWMU4ZixqjlbGDzB6mMbsLNZQTUn7Fo-EjjFBU2e--5SQ8so2z5Nd9sGOmSUBqWnRdlLG1tzAUjRkKMrIZdVMjxgyj48ddJqpZiz03xuRX9swu41EU3bXRUoeade7_mTfqRVOoWUy8jONr6tFE0JRYP2pAvEa2Q6Kr61hcYfoUcsEUiBrWqrtn35utJtM3_QXkjTFeErgbkEMFD_GCUNByqVaDR0xdvgIQt_U5XxOfSWh8nOUgsLMR7ScGdOhQSlFKFDUQec4d7Df5tgt2I1KTqu3DI73m9A
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame F7F0 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3409479159609775368&pvt=1700299588355&plid=2521236318193655889&imp=1597194828996417213&rep_meta=nnvbVSBf0xiPLz1TuRLkfws4Bpl7gyeOf1y443prV5bEBQFx_QEo9R-0blWx7Rs_4Hw96AVy-sp0SUvc7Dp62g_VVeBIQU1Ft99d6x45swylQ7z317kQ6EpWMU4ZixqjlbGDzB6mMbsLNZQTUn7Fo-EjjFBU2e--5SQ8so2z5Nd9sGOmSUBqWnRdlLG1tzAUjRkKMrIZdVMjxgyj48ddJqpZiz03xuRX9swu41EU3bXRUoeade7_mTfqRVOoWUy8jONr6tFE0JRYP2pAvEa2Q6Kr61hcYfoUcsEUiBrWqrtn35utJtM3_QXkjTFeErgbkEMFD_GCUNByqVaDR0xdvgIQt_U5XxOfSWh8nOUgsLMR7ScGdOhQSlFKFDUQec4d7Df5tgt2I1KTqu3DI73m9A
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7F0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxE4OfTTHJft1zEJW_1l0Nb_KluljICGNxwF1h-TsIkt9ZFILRy2AmAadon-YofJKs_gtkfgyzCf1SDGTjUwGuAOMyaf9xceeb8sJcGD67NmV4bow
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7F0 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14211877173526102365&x=67&ct=76
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F7F0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F7F0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame F7F0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMosHc5GenQNbNosiVJX1OzQWLdSRWzEzg_PlaDF1BJhQrenRlYFAmO9f6eqDQ8lDa3VQAPVwuvS7T-d89X6WYxtdMsA
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F7F0 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F7F0 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:30 GMT
pixel
protected-by.clarium.io/ Frame F7F0 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfgs1imh&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8xMF8xX2FkIn19&cb=3844362&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
log
protected-by.clarium.io/ Frame 6063 		0
0
log
protected-by.clarium.io/ Frame 6063 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:30 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-max-age
access-control-allow-methods
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 6063 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuX0dRINYZeWDEYSqgAfpn4qwD4f0kpBc6Oum6fUEwI23ARABIABg9YXKgdwEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBIwCT9Cz_vNdA8Gi0ZXI9VmxaZD1RFGiW_WgCGcMK9phEd4iImOIszoFlx2gE8NEK9lzT9_BEjOuv6cGJQt0RMn1mK1_3Xt7Qf1smnlcPDboyW0ovQ9QPMfmaRhJmZMHMCrBzkmXrp9SU3Il0X0ZKyO3sbpheGxpNPXD0yWELx3vUq_5ShZG4fifEE_dCxAZltycaB7lb6WtSxYdbwNgIuLBjtmLJgrqAXxTVL_Nu_WGDREo8uDDFfLXlA8K0_e865FpC0SAg7nDgAaawfM0nY2En5yO8wGUNs2ES-gbyUKf22WSzUpuviqmWzd1sj39Oc18-bB5YqVzar1IhZmv0bah0b2GKCJ_h7jpR9O7q-AEAYAGj9C3wt2doosboAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCM-94cedzYIDFQQV4Aod6Y8C9tAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=NfbjId7X7Lw&uach_m=[UACH]&cid=CAQSPADICaaNFTCpOhp12i6Y9zNZV-x-CxCxII0XVk-eUL5tidpjlbvvAy_hg4bXugZItvTY_vbE8tHiGnfZ1BgB&tpd=AGWhJmtqKECFNnwcaQ8hRsiIuymceggCndX8_1xI2MMcnlBYFVFgbFPkc9xM95QTWvivrtrS8t5frZ0UDB3K6pONbh_oQI1W9OtFUW0quBx7bDumOZ4qHYLde13Yl7_J8Ml5o9FOacr3iX_RCWBZhnIXAbWDcfh_e2WvZ6_2wqP1d1PBLUSi9q4ZJEVppthzUm9y2oxILOL91kXnh4BrIAmE_82I-NkvRehWXBtd0r7w6emr0rMK-EJ-ADEy-vA6q7XGfwcWJRDlWCUOAMkEevTziGLCPV0rVc8REsGSKJIKD_m22F-ADnsv4f8tN3HkLLZ6tTPR1Ejsj6i-V4ja3RLnrPOW4unKuzwSrnxKoGG5R7ZH9-eeZmfDIgIIttZHm3KCY5ddMJ_hQH-vMbFGYUio3hojQFIcyxHWQGQzwmyQ5Xb0fvzfQyUJElFbAx0NnPAW2fHivL4-Ebx2WKvtnwOOicY5I4blBfZCBIct9pf7xzs81BeZqc8wR5hBMUgbH78EaLATeAfUdC9NL3uVia3r2htk3ljJ9fpbrvMWUT8J0JlhvY_QNMuyd9h0-MWx_RFDDqczNECOpgCVyHiHEC60Zb0K397pUwQcbPVcIhtaRQIb6G5z7L3ZB_aKA_EIORy-PE-Yn13ULXGl89BRD30Oz5sJo95AJhpis7bL7i0L0SUk6Pl8U6YhzB3zCXJrZ8lXyBnHoPSj0zQ-USw60ro3qM_0AqZNKdNgDhgcbT9qj8hsJHfedVg5b9MtMP2EHto
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ym.0.js
static.yieldmo.com/ Frame 6063 		471 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.0.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 08:23:23 GMT
x-amz-cf-pop
FRA60-P5
age
4651
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 14:12:13 GMT
server
AmazonS3
etag
W/"85b25619738a6e04dd868ea9b98ac8e4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
Skd6JFEcZ9FPrGvggGVjwM1FyN1nnPbQSQZejBEmPli-EhBdcZBxAg==
/
track.adform.net/adfscript/ Frame 6063 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=67903448;rtbwp=806C8143FF24DF89;rtbdata=hr0tc4rGZKtBkPOZ4CyAqQiIR6h9G_dH0Qe5DpKDkTihj8DIp4vZlDRAlcaGQKf1KottOvZdx2ieJ9xSGafp5ZIohd0iHcHlq0I86wkOZ5r47_wGtAykz1_F168shqS56sztV9463nUK6FpHMkg1aJ9nofLwBviHe9hsTx5gWIzfHjlKoWIM7bxm-9bbr7k1GEbEH4l0xcnxR4cnqKPElcgoE-BgNjqVlLBmWJ6IOjRftqkaem0r5Z9rX14qzbssOf6xLZNG6FPuXFK4uqwgo614bYjQ2y0BC9fw_n_QWtWC4y3Pls7WAjaQopJ01OkwOuaDf_o-wm4gKQoJeufOeKIGF5b3gnf93_xcUB520rDSSFdHB1pKgTnba820HxKTEmBGrmdqXcmKpjMRdn3So8N4iOtIBxgX0;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/fra2/0/7be6e088-f854-4d6f-ae55-35d46ebf8ca3/
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
44ecc66f68a78f1b410c9ea65e7fe807bce38569356a51b1557c6a274d6dc410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1104
expires
-1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6063 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3409479159551039566&pvt=1700299588348&plid=2521236318193655889&imp=7835065700266075432&rep_meta=67blbcalxOfIkrIcYn3ui1U9u3839e22pV5VMBdNUnN-VwCjfjc0yNfg-EvTCMk47twfGz9mH4QvGl_UVXtScq0X_AkOpaPWhF3e11YpXV1CJzPCOJKUFVf1a9CiRpqyLI1LdcRiM_l3diSpqTvm9N3zTPpv-80dxJfTmDDlzS9IW1OoKFAWoak_fyDnQmM50wD5rxozsiwy1gIq49qsbuvkMvIjJupJyFq8FnRG69M4aMhTH0Frs7FjMN3eitZ-d3z4i5LXbRv-r3dKgjL97tGAG_c74q-nJ1FKFB7dYo5zNsJU-k3zpXY9S8ZHABBevdwh9jOWjovxfYc7iqjfNRf2pPTtV-2_AtN_YQnSTEeVj5LadZuvnieTAlebLl-h
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6063 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3409479159551039566&pvt=1700299588348&plid=2521236318193655889&imp=7835065700266075432&rep_meta=67blbcalxOfIkrIcYn3ui1U9u3839e22pV5VMBdNUnN-VwCjfjc0yNfg-EvTCMk47twfGz9mH4QvGl_UVXtScq0X_AkOpaPWhF3e11YpXV1CJzPCOJKUFVf1a9CiRpqyLI1LdcRiM_l3diSpqTvm9N3zTPpv-80dxJfTmDDlzS9IW1OoKFAWoak_fyDnQmM50wD5rxozsiwy1gIq49qsbuvkMvIjJupJyFq8FnRG69M4aMhTH0Frs7FjMN3eitZ-d3z4i5LXbRv-r3dKgjL97tGAG_c74q-nJ1FKFB7dYo5zNsJU-k3zpXY9S8ZHABBevdwh9jOWjovxfYc7iqjfNRf2pPTtV-2_AtN_YQnSTEeVj5LadZuvnieTAlebLl-h
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
track.adform.net/rtb/billing/ Frame 6063 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/rtb/billing/?bn=67903448&rtbwp=806C8143FF24DF89&rtbdata=hr0tc4rGZKtBkPOZ4CyAqQiIR6h9G_dH0Qe5DpKDkTihj8DIp4vZlDRAlcaGQKf1KottOvZdx2ieJ9xSGafp5ZIohd0iHcHlq0I86wkOZ5r47_wGtAykz1_F168shqS56sztV9463nUK6FpHMkg1aJ9nofLwBviHe9hsTx5gWIzfHjlKoWIM7bxm-9bbr7k1GEbEH4l0xcnxR4cnqKPElcgoE-BgNjqVlLBmWJ6IOjRftqkaem0r5Z9rX14qzbssOf6xLZNG6FPuXFK4uqwgo614bYjQ2y0BC9fw_n_QWtWC4y3Pls7WAjaQopJ01OkwOuaDf_o-wm4gKQoJeufOeKIGF5b3gnf93_xcUB520rDSSFdHB1pKgTnba820HxKTEmBGrmdqXcmKpjMRdn3So8N4iOtIBxgX0&winparams=wFicMMlWuulxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmXEDQ0DWF9WL0bDtFsQztHPV6eYhim5RemEtKXzSXnR-4f47lQKHAawroWkcySDVon2eh8vAG-IfZ03UjYHMsPA2
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
expires
-1
7be6e088-f854-4d6f-ae55-35d46ebf8ca3
beacon-fra2.rubiconproject.com/beacon/d/ Frame 6063 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/7be6e088-f854-4d6f-ae55-35d46ebf8ca3?oo=0&accountId=17070&siteId=157298&zoneId=749704&sizeId=2&e=6A1E40E384DA563BEC1CC788DC2CB33AE5773C6C5B4C71E86B6797D845BE59682D207BADE80E2CBB6CF185A4254B3451FD26845D400FBB25F65900B1955461D949502B63C4FD8D93603ADCF9E6B5CDA79178B5277F25D94A113E078FE25335AC2D71AE439E23C7A1EBCB9DDB564CD792FD681CACF1B4745596046CA728734E760016A0DE1D03D62B0F5D117150DC2F01CD9AD9F41429F2A391812DC46DE664A84BB750D97F700E7C882CE952253562964FEB35012ADA6A89D4405DBC96D2533DE82A954C1004678A
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame 6063 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LP3UH2XF-I-LTSG
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6063 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6063 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame 6063 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVBBe4OX8g3WQalzjBO3wJwaIOCraynUH0ALOJElSDB-IOKvN2oPmdqK-pEJuVMFTBC_-RMlNtx6pgo_X-Gz3GwOmXiA
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6063 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6063 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:30 GMT
pixel
protected-by.clarium.io/ Frame 6063 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfgs1j02&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl85XzFfYWQifSwiZHNwIjo3M30%3D&cb=1027409&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.1.js
static.yieldmo.com/ Frame C9B3 		471 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.1.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 08:09:10 GMT
x-amz-cf-pop
FRA60-P5
age
76018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 14:12:13 GMT
server
AmazonS3
etag
W/"85b25619738a6e04dd868ea9b98ac8e4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
CSnKSlGxLusE2_qb5GNkzZ1AYN2RHiYXSUWeudCaTFpxsDP2_lrV7A==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 93FA 		684 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUvhgIRcDireww9JybqCUQbz5hFKCh_FzGk9fetEg85grXXy-L7Bxanwx4qj0I353TyPWEMmBOCtEavFYLcSNBqLtpa0BLJ6Z8aGszfdRH1l8Jk7Uk
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C9B3 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:31 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame C9B3 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3409479159567851862&pvt=1700299588350&plid=2521236318193655889&imp=457930348028165939&rep_meta=2_rwIr9_sXif7kt92CAOOq8Oqj7G4DyQc73-bdqta64cpSZnpHwPrc0LmwHc2Ik_Fmle3_26D6FAFze967Ynd6k5bu5LKFRyRHP5xdln36t_l09GZz_yyt31R7czmVA66vAGt0ErEbLDJi49r9DWsjN7dlrCrv_Fsvx6N-A3GldcXzM8NvabHXyDrR_tClE9XhWex0SYt2ac7E3Jvj2STfPy9HWZE8gEQzFDLF2fjEopoqUNDaQ55IDkDg7Xybna5U8PDEiFws5t-XDO8Nd_aMGn3bFMLNTsHx0TVcql-DifWzap42bih-ZmaiZomiOprGw638t1yRHgEnWEqUw9M5zMJRR6EB0Fb_Ygao0gYF1z56MVjXpZsS7lLnbBOEj3KLftjZYLnys2gyvhevS-3A
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame C9B3 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3409479159567851862&pvt=1700299588350&plid=2521236318193655889&imp=457930348028165939&rep_meta=2_rwIr9_sXif7kt92CAOOq8Oqj7G4DyQc73-bdqta64cpSZnpHwPrc0LmwHc2Ik_Fmle3_26D6FAFze967Ynd6k5bu5LKFRyRHP5xdln36t_l09GZz_yyt31R7czmVA66vAGt0ErEbLDJi49r9DWsjN7dlrCrv_Fsvx6N-A3GldcXzM8NvabHXyDrR_tClE9XhWex0SYt2ac7E3Jvj2STfPy9HWZE8gEQzFDLF2fjEopoqUNDaQ55IDkDg7Xybna5U8PDEiFws5t-XDO8Nd_aMGn3bFMLNTsHx0TVcql-DifWzap42bih-ZmaiZomiOprGw638t1yRHgEnWEqUw9M5zMJRR6EB0Fb_Ygao0gYF1z56MVjXpZsS7lLnbBOEj3KLftjZYLnys2gyvhevS-3A
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9B3 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZjMjTEFIxar3CMD-U5Ft2IhM2qC__KsCwT_wZ5GCW2uQOk9MJfd-vy_KBKNCwuapW2Ne1bltpkjSmIBuIw2DryZnMFA5hMqysT003eJXnpPWyNx4
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9B3 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12428669718799270538&x=67&ct=76
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C9B3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C9B3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame C9B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0XwIpPuQnGT31hbCFPoD7wXLWnUstH9VHTZSfGKztFOO7AeYgyYaLaRXU-VFtJh6KwIiqsqlnPcIQhIvT0Pvj67f-nA
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C9B3 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C9B3 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:31 GMT
pixel
protected-by.clarium.io/ Frame C9B3 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfgs1j58&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl80XzFfYWQifX0%3D&cb=7482459&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ym.0.js
static.yieldmo.com/ Frame 6391 		471 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.0.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 08:23:23 GMT
x-amz-cf-pop
FRA60-P5
age
4652
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 14:12:13 GMT
server
AmazonS3
etag
W/"85b25619738a6e04dd868ea9b98ac8e4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
axU8046BZij4aRxivLEGHNc884ulO37qel8ZsDb_-KWsojdip4_1SQ==
pixel
googleads.g.doubleclick.net/xbbe/ Frame A143 		511 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNXDMjfm7qx0706so6P1faVquYfujxA2gQP12GrWiJmRKHScFMprymUE_xigDnGLWSqUv6M0EHZePF7jywAJIMi4P_5M3xEoYp_WXAW6qNf8gOgH5W4
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b9c77b52464985c96557e8d7c3030b01e75ca95174764105a9251401f74e08d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6391 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:31 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6391 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3409479159727219652&pvt=1700299588369&plid=2521236318193655889&imp=5806630140544576432&rep_meta=iJ1LvrXG10yYbB59D0hj_93zo-GBG5FhjtI4Z73Eg2bt7v-KnD3O6D0IoQkRTxsB8KfEmx24wrCy99bwhud0aL-Zd9FdB1oNTwZw5CFNyFAoDMNIcM_iefuv5Cw8QnV5Hs4AH6pIIHpUCnUVw_k3nACGy2pyF9vKFV0eUg2Us9WjtdP3Tlcl4fpu9_9B4LFyeRvSkkuptKbCb-_49jqX3DhgX1gXNsCfdCrteC_ZgUqKSYpIGTY0Nqk_6tZj-HhNGYNc52PYi5BBdrhcwq_lya2XeZWZ9LylqqU4bekkmQ3_xFZRy2GX9fDaYlnMQ-1YZJ5R1S8eisUF_Wk-UaTUx5EwcZOS77qR13sgAbNrYS_CJbvoTA_1QawWAvM-rhakq2Dkuhx7iLt7uNXEIQrILQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6391 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3409479159727219652&pvt=1700299588369&plid=2521236318193655889&imp=5806630140544576432&rep_meta=iJ1LvrXG10yYbB59D0hj_93zo-GBG5FhjtI4Z73Eg2bt7v-KnD3O6D0IoQkRTxsB8KfEmx24wrCy99bwhud0aL-Zd9FdB1oNTwZw5CFNyFAoDMNIcM_iefuv5Cw8QnV5Hs4AH6pIIHpUCnUVw_k3nACGy2pyF9vKFV0eUg2Us9WjtdP3Tlcl4fpu9_9B4LFyeRvSkkuptKbCb-_49jqX3DhgX1gXNsCfdCrteC_ZgUqKSYpIGTY0Nqk_6tZj-HhNGYNc52PYi5BBdrhcwq_lya2XeZWZ9LylqqU4bekkmQ3_xFZRy2GX9fDaYlnMQ-1YZJ5R1S8eisUF_Wk-UaTUx5EwcZOS77qR13sgAbNrYS_CJbvoTA_1QawWAvM-rhakq2Dkuhx7iLt7uNXEIQrILQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6391 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1ZPBC7MQhbiE0Dnwv0DWOd0AJ_xrOIgGUFbSc1hv5PP-3nvIee1UKrFaCNuzywAhGwmlrrtZhCYqJiz2Bvp7FhsJyongKw5vEBTAoIPjsqcMH8hs
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6391 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5306489620349901639&x=67&ct=76
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6391 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6391 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame 6391 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRL8Q9vgMfdjNOqTac3ocea8a-bFwWZ9Rc0c98mhehJbjqYIbsdYe_BfGULkQmeLflgnWGXNlAWrTI6UZZJWqbUBklog
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6391 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6391 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:31 GMT
pixel
protected-by.clarium.io/ Frame 6391 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfgs1j9d&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl84XzFfYWQifX0%3D&cb=3233303&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
json
gum.criteo.com/sid/ Frame 9246 		422 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=folkd.com&sn=ChromeSyncframe&so=0&topUrl=folkd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
84d5a19c33c97c3c9f15c06922e09fc158b5888195afafd4d7461ec6edead15b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2112909
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1F4A 		640 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXFQzo8fe-9aiSKUxQS03VldIi5qQKspew5UQfEQZDGBZD2reM7xQkZW47vZ5vdNabEdBOwH8fYWMkPGVuQbedIZnFIow
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C48E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C48E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AqUKMBXS9Ol0s16B6Peclla0gVd8IQPV9DaQTPq_-sDoK69NXM6ztoLrKmxU-oUyxw5l6sB8YbKMveFjw-CJhOC0QkXToFTXbqxXDyprXvGXjKMSU
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C48E 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1507710450055739933&x=1&ct=77
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C48E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C48E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame C48E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNFbLMPvblVjzCWAV89gQFqeALLUUB_OaKXu9-ObNzJk4MQj8_AndU5w6X5OKiPuq7xREt6gK-Nbr_is1dxbWp-aytAA
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C48E 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:31 GMT
pixel
protected-by.clarium.io/ Frame C48E 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31hfgs1jfs&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl81XzFfYWQifX0%3D&cb=8595971&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 69D3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEED6INo9-3DJ-dWeBXvuZx0&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEED6INo9-3DJ-dWeBXvuZx0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=70c99497079bc5780b34933ab779e2bb&uid=70c99497079bc5780b34933ab779e...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUhp3iJKyaK9BHAqRIe5CrQy8Aj0QgRknqoO111E4GaqlEz1kn_bCkgyrSV3mbFl5kQ5jrnkWTUScH9VxVQCSYzf7O29G-Kg9C1f0U0dcS_MHRC1aU
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:32 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:31 GMT
Last-Modified
Sat, 18 Nov 2023 09:26:31 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69D3 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUhp3iJKyaK9BHAqRIe5CrQy8Aj0QgRknqoO111E4GaqlEz1kn_bCkgyrSV3mbFl5kQ5jrnkWTUScH9VxVQCSYzf7O29G-Kg9C1f0U0dcS_MHRC1aU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 7773
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEED6INo9-3DJ-dWeBXvuZx0&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEED6INo9-3DJ-dWeBXvuZx0&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=70c99497079bc5780b34933ab779e2bb&uid=70c99497079bc5780b34933ab779e...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUGUV6SeJ9kA3MLnFNWJNzA2QZE1I2vvaTxEKLKPC057OMRtu786wMLrnse4hV5zSH59VHtbKqpMgO2rC3sKpbpsQTEl7V3bRFj4wAoaqtLraw8_H0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:32 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:31 GMT
Last-Modified
Sat, 18 Nov 2023 09:26:31 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7773 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUGUV6SeJ9kA3MLnFNWJNzA2QZE1I2vvaTxEKLKPC057OMRtu786wMLrnse4hV5zSH59VHtbKqpMgO2rC3sKpbpsQTEl7V3bRFj4wAoaqtLraw8_H0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ad.sxp.smartclip.net/ Frame EEE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEEo6ERVL2ClrvEeYd1EMHV4&gdpr=0&google_cver=1
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEEo6ERVL2ClrvEeYd1EMHV4&gdpr=0&google_cver=1&ang_testid=1
42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEEo6ERVL2ClrvEeYd1EMHV4&gdpr=0&google_cver=1&ang_testid=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNWLqJOKGvxTVVncG64Er8BsAlgkyLnw_mjbNgOXuakI4bxPlviphAQqlDR1GGNxxmKEAqlSazHLn7VNvPaAUgjZalr5uDbGhwqLf8ENO5puFLOLC2g
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 18 Nov 2023 09:26:31 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEEo6ERVL2ClrvEeYd1EMHV4&gdpr=0&google_cver=1&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
m
ad.yieldlab.net/ Frame EEE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEHQ9KRGYAgPpDbxWcssOSeI&google_cver=1&gdpr=0
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEHQ9KRGYAgPpDbxWcssOSeI&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNWLqJOKGvxTVVncG64Er8BsAlgkyLnw_mjbNgOXuakI4bxPlviphAQqlDR1GGNxxmKEAqlSazHLn7VNvPaAUgjZalr5uDbGhwqLf8ENO5puFLOLC2g
Protocol
HTTP/1.1
Server
23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:31 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Fri, 17 Nov 2023 09:26:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEHQ9KRGYAgPpDbxWcssOSeI&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076639824696142&correlator=1264474778502348&eid=31079673%2C31079657%2C31079527%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=12&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Df6676ae0cc69b546%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ&gpic=UID%3D00000ccb8be8a1b0%3AT%3D1700299586%3ART%3D1700299586%3AS%3DALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ&abxe=1&dt=1700299591244&lmt=1700299591&adxs=1140&adys=459&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&rumc=4076639824696142&rume=1&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&psts=AOrYGsnPlnkquG54sxLdFdENYCEzSjAthvPN7qkcwxPkI2YN%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1211143656.1700299585&ga_sid=1700299586&ga_hid=399394579&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjjhYOOvjFIABI7CgpwdWJjaWQub3JnEiRjYzAxNzQzZi1iYzgyLTQxNTItYWJmNy1kOTM0M2NiODM3NTQYufWCjr4xSAASHQoOZXNwLmNyaXRlby5jb20Y4POCjr4xSABSAghkEq4BCghydGJob3VzZRKYAXJ0aHJSQkpoU2dDSENwOHdTUU16b0ZRcE1CWEZLbUJjKzU2ZFpBZHZJU296bzNkOHh6WENxSkRaSE1iV2FLK0Zsc24zbTVTT21Xa2lWY2dOcnJZRHM4S3pGaUNnejVVMGcrUFJneG10L2xNb3RNVlFUWGlZM2dvQjFIV08yVzErNUZXR3AzWFNJcmRXYWh3MktQL1JCQT09GNuPg46-MUgAEhQKBW9wZW54GKKFg46-MUgAUgIIbxIZCgp1aWRhcGkuY29tGOHzgo6-MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YoIqDjr4xSABSAghq&dlt=1700299583262&idt=1106&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_B2%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D9_ZH_notchrome%26browser_hour_refresh%3Dundefined_9_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=663577002&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
fa27c226f5eceab25cfffdf9a508044be7c9cbc7df91a3beea7d2dd9bb53140a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
121759
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24273
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
445089
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ym.2.js
static.yieldmo.com/ Frame A740 		471 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.2.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NmPizok8zt2Bk2_G.9mKxQVulI9oNAbX
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Fri, 17 Nov 2023 14:51:15 GMT
x-amz-cf-pop
FRA60-P5
age
66917
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 14:12:13 GMT
server
AmazonS3
etag
W/"85b25619738a6e04dd868ea9b98ac8e4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
hgx23DE_NUclFEilQdsGki7DtG_jr6Qky60G3b9xBjj5f4QUH17w4g==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0E41 		581 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJriivoBMAE&v=APEucNUVoi76mDDHo7QFi9cpSC19AGpTaKbBt7YyINgdNNH9iT3AdjA1pZ5TwaSiuHNtyFGqoqTivuqv73ddUDxxqsM-g3FAp0dwdxh0gKsHtvohmCRGh0E
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a1aca13a5b24687b2213a2a9d87cbd7f140a6eb4d4db480d4867a81a433813b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
262
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A740 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:31 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame A740 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3409479159542676851&pvt=1700299588347&plid=2521236318193655889&imp=8278525682067731030&rep_meta=DpuWrUB5uqNskCOgZkDMrB4ufl-bXbP9Q5yy0s-f2GWMnsK51fqatA662olLlralZKacJIBwjGe4Fix1Cz_CvvElBkor2v-vwSA_amM1O7iv2zo6DBwrUS9lcsXKWPfBeYD8e5tGtGooxX0XwyOvGIexJBpemk-2Pl-Kd3pVdNv8Ysm_vftcO5DE4X8-cZynXD5FoxCmLWmMKli816150mmv2psG5lrI0BYFFHTF5mS6DXuZyqxedIk6YgkHf7iXG2eMAZ1oq1sIkylOS4q6b-LTR_i9kqD_klpFRGKMZWUmmgctIWRSyRGxgfucdorJh9s0RqK48tIbXbVglHB1WpwLNVamdn60OfsUYaA7FXoVl6cKzLSaMdHfq4SeBLQJ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame A740 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3409479159542676851&pvt=1700299588347&plid=2521236318193655889&imp=8278525682067731030&rep_meta=DpuWrUB5uqNskCOgZkDMrB4ufl-bXbP9Q5yy0s-f2GWMnsK51fqatA662olLlralZKacJIBwjGe4Fix1Cz_CvvElBkor2v-vwSA_amM1O7iv2zo6DBwrUS9lcsXKWPfBeYD8e5tGtGooxX0XwyOvGIexJBpemk-2Pl-Kd3pVdNv8Ysm_vftcO5DE4X8-cZynXD5FoxCmLWmMKli816150mmv2psG5lrI0BYFFHTF5mS6DXuZyqxedIk6YgkHf7iXG2eMAZ1oq1sIkylOS4q6b-LTR_i9kqD_klpFRGKMZWUmmgctIWRSyRGxgfucdorJh9s0RqK48tIbXbVglHB1WpwLNVamdn60OfsUYaA7FXoVl6cKzLSaMdHfq4SeBLQJ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame A740 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQmPf9WxTDAS4k6FqakYmrtY-dN2redjlGsIE22SXQj3EamAY-RVBbTPioejjWGkFGUCY8fDlAj6M76PxeSDYxFG-bCkgISqMAzwzftNd-cUhoRYg
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A740 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11716939986703928695&x=8&ct=76
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
79b4ddc9-188a-48b2-b44c-f7301acc49d1
beacon-ams3.rubiconproject.com/beacon/d/ Frame A740 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/79b4ddc9-188a-48b2-b44c-f7301acc49d1?oo=0&accountId=17070&siteId=157298&zoneId=749704&sizeId=2&e=6A1E40E384DA563B975C1FB7CF93D94E74813179417212976DD2E3A66BF61F27A5ADDE54F8DFB2A47B5B15D1C01EBF797B64F388DB70D0E9455B25074224A4246EF1EDC25ECECF7CF8F661001DCDF06151C859FBFEAA0DA102C9B03866D4275A979D2530BD56A61DB7E81FD5AEE1A7AE58B19A78D077B17F87DE30C9D87AB7890D0FC5720B6414D736F2E3902B89069556FC751508DD80C91512AF8D8D5BB90F7A18A7D994CAE091341BC2F8AF259F7E047D15B34442037946E0C338056D8A9A
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.67 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame A740 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LP3UH2XH-15-GTN6
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A740 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A740 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame A740 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNjxjO2tHBM0b5sWjebzliwVerHtx-ufR34OQUhno6ZN4QeYqbETRklkCFILT-DVOwwNfdF67O6jqor8GwJrmIcEPN4g
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A740 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A740 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:31 GMT
pixel
protected-by.clarium.io/ Frame A740 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfgs1jns&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYl8yXzFfYWQifX0%3D&cb=6950018&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame B063 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:31 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
rid
matchadsrvr.yieldmo.com/track/ Frame B063 		49 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
gujxsjMacD2kp1gcfMk3qRt4P0V8YJYks3eF8GqkdRpn2DUBSoPirg==
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
1226b33d464b11a65c26bd6670be3cf1d1ff966b2a4df1d76a11ad5573e07038

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=53a774bc4dcec4d85b39a77551cd1c4da3416e94d29b056c8c094f1ea3b31d1c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
55604ec540b4fbeb36742dba0efc01e6449c76b78d55aa8e45e23b54b0d55f9b
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092631Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
f6312b20-224c-69d2-abe3-aea8379a86d9
Content-Length
133
x-amz-id-2
ZXVyOsjMFBRVG7qnmTG+9Bj2jiO9tLnrrojmnzgtX+TNOkm+bMQTumxNuNXi2s1XIfke5LIbpBq8PJS1gE+owYu8mVlJNtON
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 22BE 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1bb97dd60016de95a8169a1c84586724bebe58a03649b506aba1987a932a4466

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sat, 18 Nov 2023 09:26:31 GMT
pragma
no-cache
vary
accept-encoding
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
3633901d9d73355d7ba291d8bb97b3a246ba6401ae6f43c9eb1b00e62a690adc

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=17f12f2bbb8ae8ff36a58e0334cd12b547536d6c6367976895d0f8ed0e87ecbe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
932e73ea4c3efa945d28555de6d9d2a3e611e89c49ecfaa4a4d1fe0712686b2c
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092631Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
fe081af7-300c-994d-a3da-9f7fbd9f5e12
Content-Length
133
x-amz-id-2
8UTYFoSZotN9WXFe+sBtNULGQFT3RaLW6w7mMVi2+/moBwYvJYDoCFU5vZe7UpOAHYOBnA/wmkaGXj3C5gMWsqBCEQQ11quC
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame B063 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=0&fver=90&imp=6114423632850686324&plid=2521236318193655889&pvid=3409479147974783662&fmtid=90&e=16&offsetX=0&offsetY=0&pvt=1700299586968&stime=1700299591637&etime=1700299591637&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:31 GMT
x-amzn-RequestId
f719fe27-9133-0e1b-aacb-7ba0e10d1e91
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:31 GMT
x-amzn-RequestId
e4c18670-f206-fd46-b913-03f7286e2c6c
rid
matchadsrvr.yieldmo.com/track/ Frame FD3A 		49 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
1qqpLZs5u_q0t8SGZGII0cpr04fM8wVzXUqn4C5b8MY4LfU-hFzfCQ==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
c471da2b-f5e5-a02e-99a3-5fa32f8d7104
/
kinesis.us-east-1.amazonaws.com/ Frame FD3A 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
b76e63b9195ee247c97ed104aa7dd4e83a8afafc2dddf252e8bc91b5cbaa5f21

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=72294c69cc0e7948762e52282aff2cdbfcf766e8ba37d4999ac9bd17424f60d7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
35ab22c3a6b954b48530a3ee05777b4bb5754c54bbdfcec3e317c2c4d468cdfe
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092631Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
ed58596c-9e8e-cf48-b08a-dce448ad61e3
Content-Length
133
x-amz-id-2
y2NthiT3GMDRBDqzqnG3QX29C778t+cFiBWHvex8rZ9AIA2QFDZKlz3C5u70Rj/33bjAx5YjELeqxNVdZ97TJfjQoRjadA8N
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame DA06 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:31 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
f756c72b-60b8-746f-aa84-42a3108664e5
/
kinesis.us-east-1.amazonaws.com/ Frame FD3A 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
6e90ce9f36bdb6893c0adf22eb844062cf9966f1c9d1bc2a209fa1a193548972

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f08d9750e98c3334607e5db1b5f8345ff5a2d32c758cfc367e076a29132d856c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
5fe49bd20c22a938f45c08c93de7df27f531f59c7a5013d1b91113616f3695eb
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092631Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
e7ae7c2f-f5d3-cf30-ba7c-f9a72fbb1e1a
Content-Length
133
x-amz-id-2
yyAqefNqHPhu8BJGgIzbnGXdEpJw+f6JwJDTJVE515/CZg1oG90PmvBEfgVkUPyoK1KWxQsBp8yMCSXVskcb2vWD1DKiDJsS
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame FD3A 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=0&fver=90&imp=8262271627682735842&plid=2521236318193655889&pvid=3409479159559442991&fmtid=90&e=16&offsetX=0&offsetY=0&pvt=1700299588349&stime=1700299591784&etime=1700299591785&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
rid
matchadsrvr.yieldmo.com/track/ Frame DEB4 		49 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
kbkCnOYv3wobzMFfu9e93LICTCfKtzgN_q3hQNPkR9KgDZQ0esy2cg==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
fb23272e-2135-1d4d-a6f1-a2a6f10e222e
/
kinesis.us-east-1.amazonaws.com/ Frame DEB4 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
82cdf6256a99f6ad20720f85809e640d20fd45dcb474d1e6a230b90961121f80

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=bc474e2514cee690d6a82cd2c22580146dfc5fa728495d66a621eebd019fba2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
1c09cababc8241b8fe9a0f5028770c7dae6d7bbf701f2d14f86ff7d6c3b8d9a2
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092631Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
d2ec6321-5b51-d983-8f3e-e6a9813908a9
Content-Length
133
x-amz-id-2
x0fJenipIPqPHEnvEcZqyw7mIwalHSKIwQYvBD+aBV5SkBv3rkwD6gC5vBNJ2t1SyFQZcYSYo1TKz174OlsRCZSQz/KTkjDV
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame C68C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:31 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame DEB4 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
65fa365e0f8b9839c5933a2cd3552a00769d83f00ea7f78de4bc95c6a14056c7

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2138dd76fe696cdd520d11abf6e2404925a251f66e9e0b91510c9cf3ca50dfc6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
e8ec4366949c939da4fc8466a9d776ceaf8cac8dd963bdaaf75e757b661842d6
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092631Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
d8399170-98f7-7512-85eb-14f848cc4a71
Content-Length
133
x-amz-id-2
Qqt/PlziTo0eYxwImEbLR+lqwfjJFbqPf+D3b2cSY7FFaB2Vjgc4ewTkWNnPys9zQ/vUDDupQB2A1xPODkNLeSk8jj+JmnQc
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame DEB4 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=0&fver=90&imp=3026408538004655441&plid=2521236318193655889&pvid=3409479159525883826&fmtid=90&e=16&offsetX=0&offsetY=0&pvt=1700299588345&stime=1700299591891&etime=1700299591891&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
e778ef11-b4ff-6075-baaa-6a99396ca72a
rid
matchadsrvr.yieldmo.com/track/ Frame F7F0 		49 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
9uG3fEK6qzYZrC6u84l3LC40Vu9pdztDP0tI5Nl-GApD7g7ZeL8O3Q==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
de38ad8e-7627-537c-83ea-280663f1bc77
/
kinesis.us-east-1.amazonaws.com/ Frame F7F0 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
eb5a0c3f279524a8dd12e8abf5c95be423b17940fd33698aebbc5d3f7ac2e8e5

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=284359d6ad497ec38ba9c8eb904a18b38a53b4b76c814110210725b0cc741e82
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
0667a9112d526657859959ebda76f6e13e01aa13ee9d10ed5af970c14b05544c
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092631Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
c920313a-6233-1b35-94f2-b4b2efa0dc6a
Content-Length
133
x-amz-id-2
vyQKfpQj4pg5pP8rgJ9UodRFxv+i0Fs/Xwyy6ib+usxCGcS0YI/BwyrtUAFqijdE1GbqmdM+avpEwIgOesOrHD4CrZNcFEhg
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 4D35 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:31 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
f0257354-f58e-c683-adf7-f6dc23ad6828
/
kinesis.us-east-1.amazonaws.com/ Frame F7F0 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
f4e321b188b9070939392700406a44cea39450b56a921c408fc71010652899af

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=bb912b6851f688e7495824c8ba6f4e14b0b053721f14811182ecd4373856c49e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
89c2667cee1c7d0541d14999708b58665df7662440948ae1dbbde71829a82fb7
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092631Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
ff62ad61-6e79-25c0-a2b0-28e97bafcacb
Content-Length
133
x-amz-id-2
E8IMljn/IzhGhmV91IDAPyDug6Ib03evwG0IwZ6betLzT1HJaMRwj/uRyIr+uwxfBDzh2M0UPbu1IuOJbQ91zUBpLNhOPhuL
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame F7F0 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=0&fver=90&imp=1597194828996417213&plid=2521236318193655889&pvid=3409479159609775368&fmtid=90&e=16&offsetX=0&offsetY=0&pvt=1700299588355&stime=1700299591945&etime=1700299591945&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:31 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
rid
matchadsrvr.yieldmo.com/track/ Frame 6063 		49 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
UzKTZveVLZBQ2m60XcW5aD6lXFeWU6awOY09AEQ5tZu87gt6aiuPXA==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
eccb63d1-a9d7-a3d0-b119-e65973bf72fa
/
kinesis.us-east-1.amazonaws.com/ Frame 6063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
3f1434713cc9a02f37a27819793d64f704cea094f8fd400044d75b0c2ed12094

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=97340d0bab34665e634ce21340c47008d3446a30a3b765d9ec9e0fd08a40a9f3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
829e2ea9e3f0f139d1ff141ee8009bb7bfbc83645ce45d4950d490abc663fbe9
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092631Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
f35fb1fc-c71b-3ff5-ae8d-34741138915e
Content-Length
133
x-amz-id-2
wCwW+PqMod4zOfvZpekaDj5ZYprKihpOlVCtyaN24eV61WQNqBJTCGRZ/YDtK11+vBhdmLAiNVpJJprSOv+SnEy4DU51y1YE
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame F81D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:32 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
f0656973-2ed7-e9ea-adb7-ecfb5ee9f960
/
kinesis.us-east-1.amazonaws.com/ Frame 6063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
1f0921a5c3540ef04de89142791e9b85306579df18e65d2767f41b37959966ed

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=14d88b65714624c3812dd787bc42946cb1d019e39fd2b286f06535f9e19c72f0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
c964e4b99a8ecb478c3ae4513ca531e192f93eab307b024cf948e7930a104fb4
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092632Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
cfea06c6-a395-23eb-9238-834ed3ab3361
Content-Length
133
x-amz-id-2
XtuggoXojNOWMqWWkTboJcqwl1XMSLFESfZmmFdfjInq33Vr7iJCvuyHQ03O8g+rIdt40eKqxEU7dQBybtpYyRqgKNuZRTso
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6063 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=0&fver=90&imp=7835065700266075432&plid=2521236318193655889&pvid=3409479159551039566&fmtid=90&e=16&offsetX=0&offsetY=0&pvt=1700299588348&stime=1700299592029&etime=1700299592030&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame DEB4 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2340849309513&version=m202311060101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DEB4 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2340849309513&version=m202311060101&ct=76&x=67&cor=1832682424014107400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DEB4 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AixbLui1GlE9ZxNPqW2MiyYPygsbr-gXdrooH9AsPDC0MnyXoyv-qWuRH047otBo50m1TfRgr75zwY6kHDm07p4t4ka9CklMUWw_7lEsWC3xh9RfYswFNohC72Ns2stY2yBGTCOytIsg-NPvpCsrBUWl85RTXc_Kk2Pj9uEr8uIw3etnE&dbm_d=AKAmf-A8Hosk3bL5_juNazovE1xz2gUeQJwW0zVb9UzUv9pSc4F-7f2ZM0sNZyf1fI0N3wx_uvL8ky--8Bk_rhECy-bUFdTH8aUVKPddBUmcqP2seTCZAw52Wz6sM6ePCQRXu1pevuiEsx9KwLi7X8DltON31fgi1NXdh1YKuXNCGvhlj5WQZe0Fk8tof13dxnEqlpjXWSdN3v-P64BET2EtUnW6PH_armJTH1kOJr9b_fNkTmadoGBMfpa_hv8WoV7n1HLq9Wdf4VdDG5aD2D5xOQp_LV-SS3MpCyp4dddkYwvF7Le-kQWPawmAf1a75Zo2kLM_i6Bo9cNTrluZxTs690KkoMgks8Ddk2jPJ6ZFdXX-hiSj7ylPNmWNcQb7iaKBzI0ZQSLb8rE98MfUfsP3yjHE7lbwF7ob2hZRVi4j4qb13nsqnsiBuOOJYqkU6NcKY965mxlvb52o0_ZhuclSvnA3WSYeHThXrP4F0YDjC_auYkSInFkkrrTcGdjvA-3biK0WecwLAXBrxjpBV_9gbfOxP1NfLbjXr43aDuiw4QVq1henwlLxye4MJVzPwnxgTyDRC1ubsF1mHs4TwYJEtViBh558GSvKLAlDTZALFt3BJJG3Ld43x548vx9HBMAmEqxd_EDsIh77wbCpzORot3sPB-XY1GkH_wY56LAAGCi2XZ1JF4EulssF4m6Rbt25ASm0RkAxVY-iOk2Xu4a9BFun5giNROWJ5UmGhS2uzdMr03VZXzGRFNbFK7sEd0dE0I_vu3sgmvvLaXwb9B0tky1KAVxJU84xHZuurciGRGeldGBe6o0D3VN7GLXrlU3YucrmB2xLbtn_SythyR0c-jJ65omqAQPUyGmwA6I-Xn-WDrPCLHUmHpj6V9lFzrNu18xSTizUceEgKeYL_PPu-seJnayoHsH55rsOrTmDEFIWXkr9ZTohedUHFLDlplESIZEJVFak9ezqLJRu0rN5vGfhzm-KOh-BwTp6WM0vdDjqNOcbMyDEHjgTirdDQxIWPEXJfTJs475iF51UGgj_v5zXYFZjbKOHMRWMxJUNqIurzQnz8uZQ_u8McWD7eHA2spN2ps1B-mpcRjDXEGwF0rqh56uDbGNgk6W_LL1C38OSx4gphcTPJND7MUOneh7RXDrfavFkMokbuVy6M9p4uo09AkK_i3Gg-zL3a9ZWyJN4EfSw65oR9AYsMRAfD4dCEdrUGKiAT8dxZl8JTWtHAEqKwncAfX3g5avu8ZSmWypg6626QeT7IusTFZ7HkUa7VwdUca3J328qU96iGiUjWgqPIhJueEx2Y2gooG18H-B6hw_4TPnSVokAepf43z6LAllwDonuw9PolCwwfzJBZoO61gUBy8qbkaeprUJXHv4yNQo-vz5JafXoovRBZi1MwShZpFebuElQxPgEqj1I8WxHpJvNje5bgfkK5R-29iAJnhvbA-8ZhqcGA1WzIwXhXKDETR_toRWC87vJyaYx8PwJt6rlMT9tmPtxnEObQvjamMoyAWi0uysyd5FfrXj5Fj_5MQDlzz8VsJ_u_jKMCK0tFD6Y9E5C0f6nX8Aa4q-R-Z1Xg5ObF7_DEGP6ncaJHF2RdDUV8iLgaGlA7-kX4NQVTac3_V3zosCKLSeN_Q22bcHP8fd2oIhPrfPMYKGJVGv3gZmlDT_gIi4XQ8wrwPKejDrIv_m6J3z0nx5zROQhgSdygW2DdWQaBfDzYq66WMqC67BCplk96Sy36oSAj4z9jiUap4jcYSXa_rCdZs5dURJgItlEyVG6Myu7CVUo-BIdKrlMAqUKpNV0EPWeS25jLjLoR_rLPkMwAkkLU_Wu8Ej6QaJUzCdUyXQ8tr5i7N4aExrLvo6itg3jqt-bIDbQ3TbFiPLxZomPEI7wTPuWg1rkLbb_aRXskv0i8O-qiYe9WLo-ScR5G2Njr7Uf4cdZGip2KIkn4yDeyFQWpQQ_gPe_RBFHHBG_3dJY3LrBdpLbLMqwp_T2C73xTYx5cmia41c1-K8-PFhzPRZ7x3e4zi__ZWKjzrpYmOtm5uE6ZDPxZB5BVZPhZh4w7AWeXulUodTSKW68Blf9aqQkqXYb7MqQh6eJl7UYJKI8d9Yb-wGGfd8DkNPKcWNje2WTAiB3_jxNnaYudGol12k8CUfwQNGzc6kgURvPOMLAvHcwThaBM96ZjFOVpWoi_mrAxr0BK-3l3nbBn5ElMK0reH5TE5V4ODaS0MLLiGVfb8mZJ1BDns_1MvZ5m7SYPL6Zop0uDd4f23aW2XxIq3bo7Hh1ijcY76GVx2R5EenZx9wIe8MAD3GYgjME7hwZD3sgHBL9xZpDQACffjjbWLZuX028fEtQfwrN-fbEjO_8DbkMn1AgPfDdnGuXpRsiIEtDzubCWOtVXJZF7234r2gI4m8L5n-Sh35vASErYFD1g8DY72F1PXRWTfZShbUnr6iecbSyhojoDrUI71Ml4J0lotmC8GseBUtFagsQue-4JkScEk-0zqUVaBXK8yURN7YzVE0Zyc2Pabf3PJaGWLUCMslRVz_TLcL54MCCsar4dv0JhDU7vBL43N_wnqxBcKgHsIUrmi63fiYhjoBdHM5nvTv1i2un0efyiqT5Jed8Vvfs-lhF8WXXtl-XkV1zTFPqSPH4PHeT3-RxgIq-UyQvcloTJIPuqoXUyCyFTtgxX1vwaz6RNpERcxRCerJgtXo3mryIDN07kEN6BUYGI6qXkaX-D3cWl18fppU98cDOi1fwAs4RB-3V5U4766Oa0dt72DeUkXpcYInQ53or6D_5ka_MSxEGzpQp5XTZtmKtrhTU8iudtzV48Fz9B-ReNH2QOBnAWmid6aQyBA1nf8vT9aPKzAcO18RYRre7HqgR1YApY7uzxFH731I-kc1GkIa3BlUjIBNLSYCgaPhWZJdZBZa2QsU6MA41haNpNUm1GpRVNpThqLfToGVA5Pu71e0OFs1TT6hYXqgZq9BDlhJv8SRO4R8bIKkftcgtUYL9eGOVOXLgVPwyMfP6xWKspoM5zoyOs8NupOB6pxeDZzw4Mwkwxpd9JgaF2DJBqc8APn44GOdkGzo_PDyZx48Rp7ecbPrw1egYs_t5uhDMlJ0wiO4V__cgD3WtohJXgF_Gpc1TVcRaF0_XNktfcJTwGnjvBd4sufDuixKarTHL2G0FuKcX6yYjRuMA36tfxPOObIGZgEdIiwzB7vi-wpgGvQNY9vcJ-9zAH2Wy7DSFGISyA5SiMcm_J-pvFYgNNnczv0XaMBM54Ddkj1ab_BhEyzzvIlmcwBXf3nGkhDWu60kG6-J79zmrskw9eIFlSBPL6HBhHdb-ZivHDpHD_lQERtWWdzVwoxAmKISAWVdi_W1gREAu-z3hyLa_4MSKKW-yZ7eWVEjJ_2x4XjEDGttFLx_erp0EsJPQ65MSmGZjT9TJOjSk67DKnt196XlwzkjKEA06IiWyKoxcVGGHGGboTRJFjroEyDfvwD8eoLCDc_WyYwNBuDEPmCxq5KC8sQCWT4YoG8aJjTAntvpPBbBhv1Hy-bJgihF4iFHcP3pekKuTMJHxMcTAfu4dIjVOFAsqh2n09AJl3_BXze16KPkvkCsaCubC6p_W5-lGgEuS0uOGsAsQZJVFqzr0-7EiDfpPwDxFXO9OIkefyiCl16g6tvdhRvkF7lakczeb3tRbETp9GfqoPZbOUVcpN82YZodChD-_S3FQJMDT5bN7u9Q0Kx8zdZT4D3uggMTBUja47dbM2FWWZ1Futa8n3wjQdHxGehFIokIsLdGGtHKZPJldQLHzpl8zZz9faw&pr=67%3A0.119843&cid=CAQSMgDICaaN0k0y2YdaxhS9FHmGkapXA6GSqMbXkoOvTlIy9Xk7y14RfojGZthN0R9U-NtMGAE&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=1832682424014107400&adk=2872500770&idt=157&cac=0&dtd=128
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
6ff4dc588a37d8b57ff1ca89386d5c0f43a55661555ac14e8251682928f593a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39801
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
e610f8dc-fb9c-aa87-bbc2-7d548ba2ba0d
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
e1f78818020ea1a0cb385514ae409a5b0ede82f9881c2354e651889693e40a3c

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=4ffd474f73977e4a8bd92025427cbd1aa1a81eb6ea9d7bb0054c12208948a0ed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
95d30702995e8f9f40bd775b8384f757e4e5e10ed0928475f9dc3ca946ade9a8
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092632Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
f8e0224b-6056-66c6-a532-a7c31068764c
Content-Length
133
x-amz-id-2
UN1fbFNQgDo4roaPq9x2lPNMeghQ/XrZMaSQn/ymkzX+Car/xHbf6UlBgxRwrho9eJhvBSzsPoDHCAmVp2hShrLNrYR8DIc4
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame B063 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=v&imp=6114423632850686324&plid=2521236318193655889&pvid=3409479147974783662&fmtid=90&offsetX=0&offsetY=0&pvt=1700299586968&stime=1700299592208&etime=1700299592209&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
ev
ads.yieldmo.com/v000/t_tkr/ Frame B063 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=fv&imp=6114423632850686324&plid=2521236318193655889&pvid=3409479147974783662&fmtid=90&offsetX=0&offsetY=0&pvt=1700299586968&stime=1700299592218&etime=1700299592218&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD3A 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3831359033749&version=m202311060101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD3A 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3831359033749&version=m202311060101&ct=76&x=67&cor=18129275253088823000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FD3A 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCqPfiP68nkzolPSv-wD3ACeP7M3ZkDbYXNJByZp5SrgmqcqP4U5SWYgOk5czdBkk2dQ4w-GsuAdGMgun8cQzFWSdwl4TPlw1ptKRbFoiEImLsz3AsmjFChmKztrVYzdv6Ds9_V4-V2m447S_gkETfCcSXiOVXhwFzR2mh2aqPJAWiClc&dbm_d=AKAmf-BrVB2IYuic-Xrrf1JL6CeIogwA30l1VG5sWLH4IE0WTwG683M0xcAjR4qbUkhasq-wCAkqFpgXOfpa4_HFCF6y_G4eyOqbZx5rndV7D7nc248a-4cHC9uc_b-rpPc3J8Rj98zZSl59gcj0FwK6Phe8BEPf2hz8tb1Qo1WRE0zqcqhVzHpfkSGM8rXRwPMDWeRioGQ3BDQEpKBnVi_tLDGj_5S9ZGyaYRDR2Yo5m0fXN5Gk0-gIRdsMi5hUvNXi3yxaSPi_6OcwB6q7vAFyH5oGb8t6Lj0G3kLMtJOqTz4nfSzB-hPOPqT14J9SG6L_EWbWzgrd-F2Sngujc2z1VhFSvUziiDL0bXt_7gZ7qxMYrBfmPFPYSYRVMa1C-xY-v_JggQKIduwwZBI7ONiTTy22ntLH9NDc3NaQefdEsgQyWSqA-db5DXorv9BqYfZvuLvNsX0QNdJL0_uhUP6T1JGjcLfFOLOBDhoB3wonEA0GlZgpqu_ucIuDag3h11QRuHlkcttpFa9NfEKEHKKiSQHeRzwRublxPP0E0GIrRkSAplbQbGjy_tTnxbYoADn6hKmEqnhrcJ4m7IfvlVA7REKnQRHH1LUN4grxw9bqTNWvShsGITYn2rdCFsPvf_OzYpNHcfLb0_81DkZdDwCAgUAQLeJcnL0cL4uL36qgP7YUhIbCSQ-vElUOM5ZnayFAMf49X17bQHPhOakXTz9OW1v_ygLwcAKSpJoheINpAYcFLkRm80e9whe57pS5t7C9aUj2B_DJObFx6l6VRcHE274ir1JYojkq0a_X2_-cobB27ulnUBnJZU09F36tWx6xEdGcd7ZGpvm0fIGqHnrauPHFx11rc8cHCKDqezMyMjbjwwreMiPgMi-u_CdRnYnLwxNn9e-81FO51q_3i64mqeCWVOk2ccEDJLaBR0NhFZxkqHit4LXK6MTxCD0bPVJJpm3GHSMmGizoZIBlQVYV7gyLTe9n4qPQGJV7dKOFArYpnZxxNBoQ4F28Q4Df19MCnFfs3v3-CagEWF9TDgCwlY6MTidRtT2yhm-cjyri6WHC1zFVr2-m_zxN-KSho7IQl1ZfZiAM2U7gXw-nPqY-5fFJ1aADSOfjj7do_W3sLTDJLICpishuAugTselfTqyJpeF0LVDvz-Yhn1lq0iLKBe2l3Z74jgB9JjKEs3X-yNGg77OwoGBPLVyEcM0E0YmlSaA2W2xATmiWnejlHJlgD6kL3YR7pfHS52SAUGBOgUcm5dEf17zDRNjvHjflBr92r2UCLLcJRW-AOkCBsqzoBEE-Gw9gzb8Sq-cryVZvWrlaAIpN062yk3BJJkVuEiJYZb97pkpdQ2CwGUGmKlU8eajK0YNw35b3B8eqzF45UFcSrIfVrbZDDaje-8oLhQYZhIUGu6g8ovw042YeygzDaTBuQsxwMNOXAhvmrz7jMUbyt4V5ms5MV8AvfxJ_VZK2paaC2g2HVxhrcbrTIElu8j9pOG0UH5hZ6qjUEcRCbmfUnnDCQBcrfQt0QL6y-C1OLXVdN19jh8ATMfYzu-VOfqyHsurUael6GCwRE-x9xD9Pyge37jNPgYb4ePYxokyVsukteOVR1d3qOOzjmaxqa6sWj6TS-21RN-qKlquXbOKktfZiSXhByHvW_1VAN9nFlO6fFXch1eNcEGCF-iprdxhuClE5dqF7YDCx-iK6e-c69lhiM9XVHiIHCKiqvgTHH0QVSLnG8ZHl--m4WC1pLvFNbNwYWQbD__w1nV-DHfBabGx82oKTuhtQmt4LT17s0xmm3QStxz5vdsba2lJwZLwOY0y2p9pAM573QhmPa71OqEQ_tQwY73V-axLt6xq6lgugQqVUiVAC4EzDWf_MHaVRdZp-v3Pp9shPbOE3NjXA_2YoQLQYVsOFTP5E2p48my99V3i3hMtA6An1C9e80mP3o-LDuzBtnNATVNjdtXihFUhnkUOTmcxji4lo2_wspqMvtXD2BS-wTwc0tqaaGgNz9i6dTpDUWbVMGKxx8JWP0OPuuCBo5BOP-JKVJezLBo9q1WbdAQMyJRMQoLu7S5eXoXkdokNFHhuw5R1PgV1E7SfubPT5XgaPpno0MwOVz2rtQqoyZaaIubrT_1sCotks8MSPHOdNhTWhjus2f5yuMtJLqIMnaGEljyYgFwXbdqbolTgi-xngcKn2PZietOt-upJ56LMJIAFoDJGJr5DVsrIIiogHkn009HzqgZTZaL_wt9XiugilOf7_rdPGBqCqrxDIjinmI77Sfth6_dOYWxPejRkJSWZPYWCbBLVW0yALIl53PJNY4f_i_2jvM3_aAqyijc6Ow0L0Nf1kUP9X1rI386VsjJs2yTSc1CL_85_TypRCAcUmBJrT7iqTlyyy9rpcgHZDjh6m_5eXFCkRs-S2lyjMapxNw533R2pC9rUrzdm2tw5X5Ark7h5p7FfgHIE48WhaVibqvtQRW9XI6Bmh513n2xYR2JRujpSiZHS0kh-SQPZakap80JYakXx4JQatXIsgAwNTc--eUakZB0VpnDGw4At_8aBrQZJjML0mpQJxoZE9U78nRZ3PeB3Dm3V0B0BUuG25PBaftA_t0vZKH-xCSYd7tM84OPERO6bx2bWHIb8QDx_A1neq2YRAPTJuQcBCJJNOq2NZYq5FFWhMGU7pMsG-D4iMXR0qeaDsQSA6N2BkyH93RMQWwp9rcN0Zs1ExYFE3a8IId8veZOvXFNo5C-zRj0kPMWfHXppqlBgDcwGbNxyhkDgZrypaqllisDp2uuoPGwce0cPOJ9QuCDl8VVaMdnODVaI-Z-Nbzfnow4_LHB0FZWxoIcNEJvdsK5mRWdZPe9Eo58wOh-PWb2iNLJZUW-FZ7QjYENQuktkv1CATlfnCJvhRadI788L74G1vQsw_bGn_HYMVLlvVB7nzP1xTYUrfzcmAD4_127nQ_Ptu0rrb-uwsq9qJMGF7T79QFJs1pSb-mMcT9Rwy0HrtgB66UeUsrbXfcgbZEf1e3DC3XQ-X5_wfJiXGNYwIFExGDmJ0py4Db2bcW5nFUe8t5FJzhdcDCh5MrtK3KjO4aJmVgts9jNHixLfruE6w78gUdReWY_MsOHM17-A3wFooH0BWaywst8yXkxBw0nH-CkmMAjk630yoBi3-iWscJwD_3ku_5TnWAt7dB5T1ayKAXAS1hmswaUcNw5P65m8kSB0tXUYrkKUO-3rU_1TGVnl_1mWM6MnflpVHp-DnullX0fshXxjNp_k6HQDYMylHRjCPwbxXJgjZHVSj9EmWx1Imfs8DicICn8RZQ-e1uU7vKsT1LO-SWEoXWYxr_Ftw-J9rtlO3rfPz6z2iK0Rp2Yd9CXaSS-kPJ1ORO5sAPYJMi5RZl2tKFP23dSHcm5_sAk9lCwNAAiNoCGY0A4iFc15SScA4a8F_TEfDltzXxLWoL64yNAlnTU75w6MTRutY5BRbKPFKWZGcH3R1IsPKEattdB75rv7oBLwoAoZq_85O0ftsblI7Payp0keZeJdfqNHqo1F3ldriNAGAywlM8qa9-qMVEoIoxxIvrPhm-YOZs-8uGtwBchjYicDleEgCmo7H498Rsp0Y3r3bTWRTfsqF_ItJ8KA9PFOJ7qhPvq4vaSOvLplUxOvMCC3WKzshncZ7hBZpW_zJc8mkx1aI3VOwsQ7lkDqV-VYiaayPMDlvSghdF4FtkPFqxYgmY2t0hc5QCH-qHdXvZfQiaWUlz6P98z1DCVerUFT-iVdHUrjJWaYCku2IBcOX1NgzWL8PudIga5pa_ZJ7QLRJCLJosA&pr=67%3A0.119843&cid=CAQSMgDICaaNUEcBsmRC4X83NWT0CehbNI5gOlu5BV_Vz1Wm0_gnvAlAb8PGe1ZOoheiRUm3GAE&dc_eid=31079496&dv3_ver=m202311060101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=18129275253088823000&adk=3262101877&idt=123&cac=0&dtd=6
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
83468c563af63d83ee93ca292a1b82870c18e21b4a4b9d8e35bc966a983c21b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39702
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7F0 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6786117196072&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7F0 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6786117196072&version=m202309260101&ct=76&x=67&cor=14211877173526102000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F7F0 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_sChuFqT9WtCxPbzwhtewf6xHMTTJyUMz1SxLvcoXRcECusid35rPywhrBA-kuIT7Lm86ZkOweFELzrWSsQnY68ERmR2dJpN09adFV9Mb7eY30zGctRNChwE2pL70xPcwqj7AggMqy5hFcYiihH7PD_d4h19rH5hQOC0uLrfDrCqAHMY&dbm_d=AKAmf-DgmT9nE8syqsRHxiQRTPxCtO4XnqMtgLbLM89d5G1rX3hKVj_bRLg7mYOVuS_2pYiK_9C1M6ZQHVXubMvSLwWRRLiCBqyb_Da8Z3KeOlLYsn6dvIwQBQwWzXge81_BhQ91MDxJk2hDLopfzww7xV6HJyXgxIHNzdP3ng4pm52y1JHpV9jpPbyd7ZsdDvIijq0609hTvjPiiFeH7viL_MUCh6BOP2d1nHVSToPPdd94hvo9OiBFwk6mBFJcnHbW8AvNkBh98naXx2UWIrJo9eoTLhir1F3NqPcnt-M6NV_XXRwAgekUwxz7fM1g2ZGjLzZRwHWRvb4XX8KV7KoXykovY-wQZkduyOFiGbwzmwCuOVuvCoZ8VCmn1OWzMYSfq83LByajJy-YHoMYg5MuurK9lRNL1D-UNidyzkYRsJMLsgwaE9GhSm-Bx6NlN4CRsrxtn2vT4ajF-dG1yY2l_tDwHNL57CpdEkU91YP4rnaGdsotWBsIiqfmrwoxnKqYdhWKAqYHyloWVuEHy21l3c-dpmDZn5ipIpyWY96C2BO1qrgjc8RJxopsNdX6CjopH0fW6zpkIzut1zjaMH4CamN9gt-dW96DsLlr0KJTEME9BqI9JPIEikdpZE1vdV2NzRyb2t79W8x3SwqAK1s0zkL68h1x94HiCsAnFQR8v24C7LYGUItu_dGcBqxpWdoXZYXrnScTfV2nsjdr0D0WoWHRxEHI4NOrrYsc70PIFzd2xDcO31HtOUlrtsXCtVYkOQOC40faOBvyvomPeoCm00PrxA3agP9qtLuMVnk1KGk6zmx7g2P2KHVbsZ2FlvC-Mz0kmRwY1l1P5vBkFDS4B2_YNV3fPcGsfyzdpOL5C6wTDNKuvaAV0_SuQdIaeZl4_kYrfKK_3SysUyBCbX0f5bWz_Kk4UIjqCVSMDNV3XVPNZ1_Ms8-ga_lqAxWMAL8WHb-Drn6j2_8BvNkuwWLBozBjiNqzn7Ii3007XpHImk7IrbiHxklJXz0UbP1FPf-jHpLl5ptWt_FIkbuyDv3igN-L5omqxN91M8Ew9_CM-Zf32D_2sZd5PYjS2r6IMJGPlAKfaIGA-glSrjV29WpBowvuHS5cAbOGCl22p0umZRzqnqqfL_4kIYm5ODHeqLXjeejuBu4iMoHPeYCfN8iQPmrXZ8m-dAVFhyM2-NWlyP9KMrBK4e98n1Jnh3JJzWYI_aVq-IT2uaQLQrVGU-IiAMFSa3PykxetI1hItlImRmdXQDyA7OI5rTQQXv2jGtQVCQocS2CLR0ZRD01rMvZERWSdI-JiQcOl2UYlHpXqP7JeZUKNUxScNnTjSZfBe9SUKvhy6or1iJ5g-3bjYtUuhfXh1PRXbBpDk0rqcooazipCH8a18gcIn5kc7XBOiEGHrWZGG3q6jrOaUyzswkeKzIw9ZkY2LxUK_tOeGRj1yiUwSVMzoB6pbkX8bpjMdjZsDRWNq5q5ktJXlxS4zAIgnCdYWhXsBFyOsx-88mM3Ay_D1e7tbxtF6HnbDDCvRdAnFLhFzxW3jLujwTWkSI7aYL38D_QvtOXo2rgmLpDjYrHHgGYnIqZZ46i4BredmUhxiJ6mcJ-3mqmWf9szJZG9faGPaImir9wMF-LbSAGs0tSTcFQOLHqtEYSVGiUkNGyIg6wUgLI3X_LArmvsviNDbhYzpngPBWbfsgZpbPXLGe5MKEMbuKhbikAvrY_W-YyM-a38qHQCXLIs0z7pcsyMoZTkNpnVqv1u7gbdihDUVuiA7zrwsK4foI5AiXCT_dCfYZ3WjHY40vUwonEYG7MgfvHTKlozc5DT145PldK06vgyEkBvrV63_DN_jQNxcUvSubNoBMn0gQugQsknne3HqhFvJbp_gFIQmD97QmXyo0LEu5xKSamO1670cBeYnmQPsv6gx-IchqO-DJo7XiADqIbAzqpZpkkbQS81_2Lq071qvoHm5UZwd-5ICIkYib0g6KO6zHcCsZSS5uonE0264Zwq7oHo95uEPIQqWZwhdtZN_O6rsRO1Wq3UPB70P_uotvyO_RcoQQHyh7nKtwEU6Z1jPuNASwEtbsdoUzoBnTbI4a_9obV3FakKxuZklwLihn5IWRPcN3cKnN1njzboTuVb-q5bD5ysaSM-u_3jMed7WPs9l43tAknesQUrGXYgWwrui4DZOG5d_XBjMOA7tYdXcOcCANp4SowDa3P1YO6dEIQ3Jwgf9XeHZ89zFY5OLoAVdF2vImfeU-k60g8axIZu1TfZG0DWFjwFupxVtEixZkr5cU1tJUhb2_FahA8ISAFWb3OfrEvD4_tCZibJmZ72EmoH6P3HKM2hSl-SGhbWPw6EcxZuEoxtDZOYWfDDi4d3Lt-dgjso0jsWhJspRGSDJcZ2U6g0A1ei3HHKlw5S69MYgk21j5-mLJ83PkfHyG0Si9vyimGqmGKda--dHhbUzymdcXTvecTLsfcH91xT2T3ZF-HWHMtlhImUG1-zEw5GJ0uU9L76C0B7bzdjf6avajkHASooxOpYCOeCOWOiyZUYEF-D8BO_RemFfTZu0zFwekU0LSlXrMaPI9fDrdLWIrX_Mlycc1bWyfN94Rk7cUr0NnEdhI9IMQ6cprJuGewvlPQArS3IozxGgQ9_kvRBiolVgPqfugc993QbQbwXH1CCv62KHn6fEpl6ffOtoP9rwZZrnvtTB6Dxs5geHC_Eq1OXjWaJh3GklDbsf-0znuA6pozSyuM76Lo2g-oBp_tU6W8eBaNenm6cEI12Vmp6hKnqgO5xhW3yum9GP7q6pHzI8UaG_yEXe2PR9c4yQI1oo1RUH2Zb-0UnctDEdAi5vIBuvByhA_jSK0ubkh6fO20J97ApFa7dgaYHeL1-hyAeBc3QBpESub65Sk770p_jPU-q3f0agEQXauk33fxWAeDFLRo3g3gOKOWQl_XgQwRVgccBKJLZzXh6l7P0Njmuu-jjNQH9HeBss31dGbX3SGQdXVhW_rD8MuXaJDMqDY9ThBcZ9jG_ddPMW3FNqCEEFYwYNUxQvT51omtqceYSIvUS5sSxQXoXtVpB_nRgdUCXGWDgytIoxhyFVKttxjELUcoUa_H2st8X1qsOrN89LFfp30UwyfoB08JccSLWwLNDJr6I2N9d2GX2KSHr0MO-aWSbVHfI_8IZu-7CkwnBauHSqOEUGjD6UAlJuiiHswjMXTQgKTMbyOuk3nHipeA6mlpdmlZUYjrEQOvAVB44c3iR__XbslPzn6m1G3MZ6JA2IOa0RxkjC3tOL9m47PXhnE6jmP3Fx1VLP52Qx7a6pckQ39qra_J9BjqfUnSrgj20F4uw4RcDRoK74oSWEO_M-4Acl-hPD_RyfewjZuTXWJ0rrS9PkPaTFU2uZo7F7fxV8wJCkfiyquYfNKCXypjBklQJKJ6RRlmLsk6sxTxJDaRG4duGQlz1ceWUPFt3yaMPwStch4PkwakL9r3-SZTvYug1rUoAXdahPk2_uTz5HwKuI5LLhIWZs1syn9GHKq8r8tB0F6u7MmT8z-qHhp727SE7u0X8H7MfOUxzq1pTdNTvqRhm6HfHKTf0xDQU6CwMJXtLEjjFhLuaCHBBZyf5OXNndGybUoTNzTQuKy6A71KvdZ_SDskxzTotT_Lmwoaq73Tq_d7_blP6u2IuTpisqWiACDwaLj7Eu9I6arNs5DIxTwxJKEdAoBU5BTC8aPRn1_Qk1QObbxhI4JNqJacjvv3nJhFHDB_HJKL5bPgjsB0UFuEoYCPuvy5c7rVMbzs4TFDo&pr=67%3A0.119843&cid=CAQSMgDICaaNpxvtVZXhvjHQdasBuF9bD4MkLddNgjLx9PfkYChAyubeqCbyPCegz98QZ-alGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=14211877173526102000&adk=243188015&idt=123&cac=0&dtd=13
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
be0c4f4a45da32a72b5a1497fdd99289390c11ae901d825768544a575bcc3b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39846
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 6063 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:32 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
cs
cs.lkqd.net/ Frame 93FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEBisJp95zxnqMOPTj0tpo3o&gdpr=0&google_cver=1
43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEBisJp95zxnqMOPTj0tpo3o&gdpr=0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUvhgIRcDireww9JybqCUQbz5hFKCh_FzGk9fetEg85grXXy-L7Bxanwx4qj0I353TyPWEMmBOCtEavFYLcSNBqLtpa0BLJ6Z8aGszfdRH1l8Jk7Uk
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEBisJp95zxnqMOPTj0tpo3o&gdpr=0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
307
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 93FA
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=b19jbWMtTXNBTnc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=b19jbWMtTXNBTnc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUvhgIRcDireww9JybqCUQbz5hFKCh_FzGk9fetEg85grXXy-L7Bxanwx4qj0I353TyPWEMmBOCtEavFYLcSNBqLtpa0BLJ6Z8aGszfdRH1l8Jk7Uk
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 09:26:32 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=b19jbWMtTXNBTnc
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 93FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHZzm7sfcsJPoxFrphqC5k&google_cver=1&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHZzm7sfcsJPoxFrphqC5k&google_cver=1&gdpr=0&C=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHZzm7sfcsJPoxFrphqC5k&google_cver=1&gdpr=0&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUvhgIRcDireww9JybqCUQbz5hFKCh_FzGk9fetEg85grXXy-L7Bxanwx4qj0I353TyPWEMmBOCtEavFYLcSNBqLtpa0BLJ6Z8aGszfdRH1l8Jk7Uk
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyvvkYN9IOpm099Kd%2FdscyKn%2B2vEAUo3W0EmBsTdv6tSGkPlw1VRtexxkFLy80ACy22OYI3lEWBlfrklcGO258XyVV5vLcYSA%2FezAf7qpLzAG%2FA6%2BtouOFEWkEnA4uHZzxFcZftFi3zYDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827f2c26ad212397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8viPYXgKL%2BVvgycWTwi0KL586D92TtUmy0Y16y4LUv97jSXxxzAHefL7p1z9IqkQx5XDjxgjGZZdgfI2GF0dUHlgeV6qQxs%2FUxMEnl6ytEJTSZy9NcPYln1vnwTz9huA9kSJ0cTXZ5iuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEAHZzm7sfcsJPoxFrphqC5k&google_cver=1&gdpr=0&C=1
cache-control
no-cache
cf-ray
827f2c25db7c2397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 93FA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZViDSBAZuaAbVWgtJXAc-QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHZzm7sfcsJPoxFrphqC5k&google_cver=1
43 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHZzm7sfcsJPoxFrphqC5k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNUvhgIRcDireww9JybqCUQbz5hFKCh_FzGk9fetEg85grXXy-L7Bxanwx4qj0I353TyPWEMmBOCtEavFYLcSNBqLtpa0BLJ6Z8aGszfdRH1l8Jk7Uk
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZ0vmUeWQ35InRmWy63EGpFvhi6EBWfo0Fp0ZSdvA%2BW0mCtSHiN0NhhKV5r%2BeRpakrDOJ4duhIugJz%2FDdTIY1Z0wDUPawe7u%2FCn8JmCZ09CEXsHIGNlPB3ysMQS8X9EyAPBx2vUildvKyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
827f2c281dad2373-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAHZzm7sfcsJPoxFrphqC5k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 22BE
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
  • https://ads.yieldmo.com/v000/sync?userid=FJM5RlkxxPgD&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
43 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=FJM5RlkxxPgD&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://ads.yieldmo.com/v000/sync?userid=FJM5RlkxxPgD&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-bhg7b
expires
-1
sync
ads.yieldmo.com/v000/ Frame 22BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fuserid%3D%24UID%26pn_id%3Dan
  • https://ads.yieldmo.com/v000/sync?userid=7815611394653132251&pn_id=an
43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=7815611394653132251&pn_id=an
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
an-x-request-uuid
18162748-f0b5-49bd-bc67-51dcdf2d4050
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=7815611394653132251&pn_id=an
x-proxy-origin
82.197.161.4; 82.197.161.4; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 22BE
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3F7MnYYKKoY4yLG5eaIH
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3F7MnYYKKoY4yLG5eaIH
95 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3F7MnYYKKoY4yLG5eaIH
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:32 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 18 Nov 2023 09:26:32 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3F7MnYYKKoY4yLG5eaIH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LP3UH1V1-21-638U
43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LP3UH1V1-21-638U
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LP3UH1V1-21-638U
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 22BE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0Y3TW5ZWUtLb1k0eUxHNWVhSUg=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 22BE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3F7MnYYKKoY4yLG5eaIH
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ads.yieldmo.com/v000/ Frame 22BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFCO-CToApRkAG5HCqeWnZo&google_cver=1
43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFCO-CToApRkAG5HCqeWnZo&google_cver=1
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEFCO-CToApRkAG5HCqeWnZo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 22BE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1700299592910
  • https://ad.turn.com/r/cs?pid=45&rndcb=161011386
  • https://sync.1rx.io/usersync/turn/7427790401613152250?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-906d15be-1972-4e9d-bd7d-18ae1ca45b...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003
43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003
date
Sat, 18 Nov 2023 09:26:34 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX906d15be19724e9dbd7d18ae1ca45bb1003
content-type
text/html
cksync
hb.yahoo.net/ Frame 22BE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3F7MnYYKKoY4yLG5eaIH&redir=true
  • https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3F7MnYYKKoY4yLG5eaIH&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3F7MnYYKKoY4yLG5eaIH&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1EQjBNY2FKRTJ1R3h2Sm5JMGJXR29IVjZLT3NabHZ0Ln5B&ovsid=3F7MnYYKKoY4yLG5eaIH&dpid=58259
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1EQjBNY2FKRTJ1R3h2Sm5JMGJXR29IVjZLT3NabHZ0Ln5B&ovsid=3F7MnYYKKoY4yLG5eaIH&dpid=58259
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
2.22.242.10 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-242-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 18 Nov 2023 09:26:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Sat, 18 Nov 2023 09:26:33 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1EQjBNY2FKRTJ1R3h2Sm5JMGJXR29IVjZLT3NabHZ0Ln5B&ovsid=3F7MnYYKKoY4yLG5eaIH&dpid=58259
date
Sat, 18 Nov 2023 09:26:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame 22BE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=81a53010-8b0a-49aa-889a-6006d15167c2&id=3F7MnYYKKoY4yLG5eaIH
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AEXD6CT7WMGPAA7XKY1Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
sync-pm.ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzc5MzE2OTAtQUZFRC00OTcyLThFOTUtMDM1NzQzMkRGNDAz&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D37931690-AFED-4972-8E95-0357432DF403%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=37931690-AFED-4972-8E95-0357432DF403&gdpr=0&gdpr_consent=
43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=37931690-AFED-4972-8E95-0357432DF403&gdpr=0&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.49.140.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=37931690-AFED-4972-8E95-0357432DF403&gdpr=0&gdpr_consent=
date
Sat, 18 Nov 2023 09:26:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.yieldmo.com/v000/ Frame 22BE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
  • https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=3f3b5356-533f-4497-a176-93f407a9c77d
43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=3f3b5356-533f-4497-a176-93f407a9c77d
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=3f3b5356-533f-4497-a176-93f407a9c77d
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
893646
content-length
0
expires
Sat, 18 Nov 2023 00:00:00 GMT
sync
sync-openx.ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D
  • https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=2fa751bb-6358-0dba-12cf-5bc68d0d8bf6
43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=2fa751bb-6358-0dba-12cf-5bc68d0d8bf6
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.49.140.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

date
Sat, 18 Nov 2023 09:26:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=2fa751bb-6358-0dba-12cf-5bc68d0d8bf6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=ICU9rQacXFJ_CB5fi3yQN1LFoQQ&gdpr=&gdpr_consent=
43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=ICU9rQacXFJ_CB5fi3yQN1LFoQQ&gdpr=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=ICU9rQacXFJ_CB5fi3yQN1LFoQQ&gdpr=&gdpr_consent=
Date
Sat, 18 Nov 2023 09:26:33 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
CookieSyncYieldMo
rtb.adentifi.com/ Frame 22BE 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncYieldMo
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.239.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-239-169.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
sync
ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldmo
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=yieldmo&ssp_user_id=c6bdb680-a140-4ff6-91da-0f9909356df6&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-lVvx8YhE2pmAyHE.TU7h1u2jqB7uWep4OKgYCA--~A&expires=5&ssp=yieldmo
  • https://ads.yieldmo.com/sync?userid=c6bdb680-a140-4ff6-91da-0f9909356df6&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=c6bdb680-a140-4ff6-91da-0f9909356df6&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
//ads.yieldmo.com/sync?userid=c6bdb680-a140-4ff6-91da-0f9909356df6&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
date
Sat, 18 Nov 2023 09:26:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=392fd97937c3165c&is_secure=true&networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAAH_a2zdIOBtgMm6UK2AAAAAAA&expiration=1700385993&is_secure=true
43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAH_a2zdIOBtgMm6UK2AAAAAAA&expiration=1700385993&is_secure=true
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AAAH_a2zdIOBtgMm6UK2AAAAAAA&expiration=1700385993&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cookiesync
bttrack.com/pixel/ Frame 22BE 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
68.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
Track001-iad
pragma
no-cache
date
Sat, 18 Nov 2023 09:25:33 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
yieldmo
cs.admanmedia.com/sync/ Frame 22BE 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/yieldmo?redir=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fuserid%3D%7B%24PARTNER_UID%7D%26pn_id%3Daa
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:33 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
sync
sync-beeswax.ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/mo
  • https://match.prod.bidr.io/cookie-sync/mo?_bee_ppp=1
  • https://sync-beeswax.ads.yieldmo.com/sync?pn_id=beeswax&ext=1&id=AABcLU7KsQcAABQNiJcdwQ
43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-beeswax.ads.yieldmo.com/sync?pn_id=beeswax&ext=1&id=AABcLU7KsQcAABQNiJcdwQ
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.49.140.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-beeswax.ads.yieldmo.com/sync?pn_id=beeswax&ext=1&id=AABcLU7KsQcAABQNiJcdwQ
Date
Sat, 18 Nov 2023 09:26:33 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame 22BE
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=f8528bcd-c48c-4b08-b45f-da71def8b187&gdpr=&gdpr_pd=&gdpr_consent=
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=f8528bcd-c48c-4b08-b45f-da71def8b187&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=f8528bcd-c48c-4b08-b45f-da71def8b187&gdpr=&gdpr_pd=&gdpr_consent=
Date
Sat, 18 Nov 2023 09:26:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
26980
stags.bluekai.com/site/ Frame 22BE 		62 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/26980?limit=0&id=3F7MnYYKKoY4yLG5eaIH
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sat, 18 Nov 2023 09:26:33 GMT
content-length
62
content-type
image/gif
sync
sync-adform.ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1283
  • https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=3216836833839915637
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=3216836833839915637
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.49.140.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=3216836833839915637
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
397286.gif
idsync.rlcdn.com/ Frame 22BE 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/397286.gif?partner_uid=3F7MnYYKKoY4yLG5eaIH
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D
  • https://ads.yieldmo.com/sync?pn_id=loopme&id=8da16270-01e1-4ae9-a9ef-e6d3929feadd
43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=loopme&id=8da16270-01e1-4ae9-a9ef-e6d3929feadd
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/sync?pn_id=loopme&id=8da16270-01e1-4ae9-a9ef-e6d3929feadd
date
Sat, 18 Nov 2023 09:26:33 GMT
server
_
content-length
0
sync
sync-iqzone.ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25
  • https://sync-iqzone.ads.yieldmo.com/sync?pn_id=iqzone&id=67f036af-1246-4bd1-8134-e3f3f56ed685
43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-iqzone.ads.yieldmo.com/sync?pn_id=iqzone&id=67f036af-1246-4bd1-8134-e3f3f56ed685
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.49.140.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Sat, 18 Nov 2023 09:26:34 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://sync-iqzone.ads.yieldmo.com/sync?pn_id=iqzone&id=67f036af-1246-4bd1-8134-e3f3f56ed685
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sync
ads.yieldmo.com/v000/ Frame 22BE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__
  • https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:34 GMT
content-length
0

Redirect headers

Location
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
76
Content-Type
text/html; charset=utf-8
g.pixel
aa.agkn.com/adscores/ Frame 22BE 		43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212291508&puid=3F7MnYYKKoY4yLG5eaIH
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.22.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-22-54.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
sync
ads.yieldmo.com/v000/ Frame 22BE
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E
  • https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA
43 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 18 Nov 2023 09:26:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sat, 18 Nov 2023 09:26:34 GMT
pixel
cm.g.doubleclick.net/ Frame 22BE 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_sc&google_hm=M0Y3TW5ZWUtLb1k0eUxHNWVhSUg=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync-eq.ads.yieldmo.com/ Frame 22BE
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent=
  • https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=1294189168542668504&gdpr=0&gdpr_consent=
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=1294189168542668504&gdpr=0&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol
H2
Server
52.49.140.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-140-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=1294189168542668504&gdpr=0&gdpr_consent=
date
Sat, 18 Nov 2023 09:26:33 GMT
content-length
0
bounce
ib.adnxs.com/ Frame A143
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDYWitnWINw5q_UD8qWYkKE&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEDYWitnWINw5q_UD8qWYkKE%26google_cver%3D1
43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEDYWitnWINw5q_UD8qWYkKE%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNXDMjfm7qx0706so6P1faVquYfujxA2gQP12GrWiJmRKHScFMprymUE_xigDnGLWSqUv6M0EHZePF7jywAJIMi4P_5M3xEoYp_WXAW6qNf8gOgH5W4
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
an-x-request-uuid
d4c3fd8d-b968-4aef-9ebc-a27afb24b930
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
82.197.161.4; 82.197.161.4; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
an-x-request-uuid
a0e60e3f-f0aa-4435-bdcf-ffff99ba81e8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEDYWitnWINw5q_UD8qWYkKE%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
82.197.161.4; 82.197.161.4; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A143
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgxNTYxMTM5NDY1MzEzMjI1MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgxNTYxMTM5NDY1MzEzMjI1MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNXDMjfm7qx0706so6P1faVquYfujxA2gQP12GrWiJmRKHScFMprymUE_xigDnGLWSqUv6M0EHZePF7jywAJIMi4P_5M3xEoYp_WXAW6qNf8gOgH5W4
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
an-x-request-uuid
ac72e4eb-f802-4f0d-bbe5-530df57d2dad
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgxNTYxMTM5NDY1MzEzMjI1MQ%3D%3D
x-proxy-origin
82.197.161.4; 82.197.161.4; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A143
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMbXU6sbdZfdGYRDnzzzEnU&google_cver=1
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMbXU6sbdZfdGYRDnzzzEnU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNXDMjfm7qx0706so6P1faVquYfujxA2gQP12GrWiJmRKHScFMprymUE_xigDnGLWSqUv6M0EHZePF7jywAJIMi4P_5M3xEoYp_WXAW6qNf8gOgH5W4
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMbXU6sbdZfdGYRDnzzzEnU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A143
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWI4NzliMTFhOGRmMzJhZjUwMGM3NGIxODdmMDA1MGFkMjIyYTgzNg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWI4NzliMTFhOGRmMzJhZjUwMGM3NGIxODdmMDA1MGFkMjIyYTgzNg&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGOXS1voBMAE&v=APEucNXDMjfm7qx0706so6P1faVquYfujxA2gQP12GrWiJmRKHScFMprymUE_xigDnGLWSqUv6M0EHZePF7jywAJIMi4P_5M3xEoYp_WXAW6qNf8gOgH5W4
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWI4NzliMTFhOGRmMzJhZjUwMGM3NGIxODdmMDA1MGFkMjIyYTgzNg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0E41
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=16&user_group=1&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=16&user_group=1&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=YzZiZGI2ODAtYTE0MC00ZmY2LTkxZGEtMGY5OTA5MzU2ZGY2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=YzZiZGI2ODAtYTE0MC00ZmY2LTkxZGEtMGY5OTA5MzU2ZGY2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJriivoBMAE&v=APEucNUVoi76mDDHo7QFi9cpSC19AGpTaKbBt7YyINgdNNH9iT3AdjA1pZ5TwaSiuHNtyFGqoqTivuqv73ddUDxxqsM-g3FAp0dwdxh0gKsHtvohmCRGh0E
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=YzZiZGI2ODAtYTE0MC00ZmY2LTkxZGEtMGY5OTA5MzU2ZGY2
date
Sat, 18 Nov 2023 09:26:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 0E41
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJriivoBMAE&v=APEucNUVoi76mDDHo7QFi9cpSC19AGpTaKbBt7YyINgdNNH9iT3AdjA1pZ5TwaSiuHNtyFGqoqTivuqv73ddUDxxqsM-g3FAp0dwdxh0gKsHtvohmCRGh0E
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E41
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjdjMzExNmMtMzgyYi02OTNmLTVhNGEtMWQxMWJiMDQ1MDA4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjdjMzExNmMtMzgyYi02OTNmLTVhNGEtMWQxMWJiMDQ1MDA4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJriivoBMAE&v=APEucNUVoi76mDDHo7QFi9cpSC19AGpTaKbBt7YyINgdNNH9iT3AdjA1pZ5TwaSiuHNtyFGqoqTivuqv73ddUDxxqsM-g3FAp0dwdxh0gKsHtvohmCRGh0E
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 09:26:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjdjMzExNmMtMzgyYi02OTNmLTVhNGEtMWQxMWJiMDQ1MDA4
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 1F4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXFQzo8fe-9aiSKUxQS03VldIi5qQKspew5UQfEQZDGBZD2reM7xQkZW47vZ5vdNabEdBOwH8fYWMkPGVuQbedIZnFIow
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGNX44yRl-Bn2F24BARhufI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1F4A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjdjMzExNmMtMzgyYi02OTNmLTVhNGEtMWQxMWJiMDQ1MDA4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjdjMzExNmMtMzgyYi02OTNmLTVhNGEtMWQxMWJiMDQ1MDA4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXFQzo8fe-9aiSKUxQS03VldIi5qQKspew5UQfEQZDGBZD2reM7xQkZW47vZ5vdNabEdBOwH8fYWMkPGVuQbedIZnFIow
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 09:26:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjdjMzExNmMtMzgyYi02OTNmLTVhNGEtMWQxMWJiMDQ1MDA4
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 1F4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOqBnbxCNY9tKTgQCqfAM-4&google_cver=1
23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOqBnbxCNY9tKTgQCqfAM-4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXFQzo8fe-9aiSKUxQS03VldIi5qQKspew5UQfEQZDGBZD2reM7xQkZW47vZ5vdNabEdBOwH8fYWMkPGVuQbedIZnFIow
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 18 Nov 2023 09:26:32 GMT
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOqBnbxCNY9tKTgQCqfAM-4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1F4A
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmU0MzM4ZjAtMzIzNi00ZjA1LWEyNTgtNTMwMDg3ZjUwNjIx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmU0MzM4ZjAtMzIzNi00ZjA1LWEyNTgtNTMwMDg3ZjUwNjIx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiZyYjGATAB&v=APEucNXFQzo8fe-9aiSKUxQS03VldIi5qQKspew5UQfEQZDGBZD2reM7xQkZW47vZ5vdNabEdBOwH8fYWMkPGVuQbedIZnFIow
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NmU0MzM4ZjAtMzIzNi00ZjA1LWEyNTgtNTMwMDg3ZjUwNjIx
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sat, 18 Nov 2023 09:26:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9B3 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6459644328000&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9B3 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6459644328000&version=m202309260101&ct=76&x=67&cor=12428669718799270000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C9B3 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYoCwGoDXI7nK_uoWMomb5l8KdQz7kn3FygN9Sc5cWCfOoSuS3LXUVyU2i4RhZHhN94KuXcpjJqvdQ2DWE978vkOlLdIdZVrO3V1GWQ9ZtYrmpAhe86A_RuGR5t1Umw_FSoDTeIZBg3qsFMTxogDD2H8SgSU2GhS46Imv6SUNRN74ejuo&dbm_d=AKAmf-AzMRf3jztZomuV0sp8gJSL351mkkEN50T-ahzXb9NlAHDorLdJS3nEULDD_DyaH8AF2q8KtGHsdlqRZmPEyHFu0_d1ioqCu8ztYT_4hvnpup3Zqc80CgKgfjEik6eYqV3cl-M3mPDc2zTTB2C64wb34tqKM1UfYXeG0r6BpFvN6iEubMyQe3nCaRTPwdTB_yse5NpcJ4FzVy6YFb6Wfz7Ycx60AwDOU3w5akB8d87OECmKIcUB_K-JZaVTG5vRN8vfPCGskO4ZSsY1cVzHw4eCJGQ1AVoD77PM8170zCocEOyLjZCkLamRRXaspuHgnzMFadLrH4zJ0EhfDAZYIa2dXpesN2W9Xiye8FB3c_-Ar20pY7UswLfriXtpf1xGN8G5VFDh3AnYZhNPhYToMUQn-j3yJ9M3HbrX3kZpemKlEfz-ku0iL86crLaK_70nOGUkxXr9URr6TLHlexZjkZyFE4abGciUE1j1kpPQ-mTTBALa1cTmjgYA7cEmHGPkdfj9PVm3OQj1iLHkcWNyZKrnViXCWBwM8JEQU4Cd20_5NA2JVj9lBRm5XjD6Nnra_Soe2hrZRhd7BoH6wmeSfzcxKwJfA5sT1DTdFNBLCrJeegGSK42DHWQuh0nxoxKpJopOhOzYXzZdwA06hERl9ZfBeuQX2Xtkp36AbJXUzsFgHtCaZViTvlq7t6-9NrNEBmA8DhMlnALfYEGv76heZrObhw77m16xWIFL5e6_4N1N2r8DaaTIg4dV7dIyzqnFEkeAn6c4uCadi2l1txsQuC9Hh-AGq962jwSRdskY8wHJmvzhMNdhNsZ0WTiaJ1jChxjhPJUnR2QPHJ2w8FLRFIWBtAbTvKmdisa5beDZTVlSQcM7j8-PFaeCIpQvi8gcnBuKpNos0oJsm3DRboyLerw4WSvEWywPpbvQ3IdHoH1mSTQOxDye6XfQllj4coSbponebdDwg-sxzM55XO6Nt-0ykFwaEX7UNLE5jXT89qDsea0OEQHAtzj15q4oWuSHuJJP1SSS3PFvbsSHKMOfBT4M7XZYORYuAPn5ib02z1t8eaFgddtQuYMkc6OArWQR5gCjNA1RVs3yPwhV0daikWXljv_jLmRSu-J8FLUWL6Ihg6IkbW6ncPFnvzIfNCnFGubk0ijOYno928Jg0gjM83-uf6wYwULQc9jpKdVAarrniJm9TBYPN_K_O-wbYWBLvQtOOdLwsvjCdr_HxsECmPjv2HurOmzKw5qI6eZDaNi1w-t7NJoSTOWctHkHGaHPXL0qRwQEgSDo5dRDmnjWYOyUdhEiiar8Lu03cR6x1Z2bPSyK81rRTAjtuDqB4pZU4uXZSWDum7GewD9ITQfBmeivRNOze_cVz1jkCVWmiWcO5jRdTFcumvYL9WG768PLORqcsUqZdCjc7XswbpkpA5DAx0vhToFLLtftVhKZm7H7vCOPM_fepL5LqL6fJVFD-9BX3x56-tpx8TvX5Zi8N98vCSwSBfGhNmgmCH7uW9W9Gf0UEXuFRtB3cx8vJ1iIBOJFSEToCDEIU98HopPa4hsQLfWNRLH3DQp52253Nb0rO16T654_T8mVaxCLoLyescOCvRaEmHP6lyv70I9GbsrzBnZXj32XBYsJdFB204tlKeGEJYmWFvMof_noUQ_uPSmQ-A-FoImuuaptbDYyS7qUea0rwL8BygBJWXyZCxI3KJt7s7f5z4EDiYcbSKOtlW6nBTC96kLZZPAMfnrWk_QuKTDHcgo6aFflEi1pDG4c2EVLXiCoEFb2mNe06TB5o2HTlpOBPZ-WZzP5ilTOu0VN8ekVDtwCe_cna4SJXPxr7Rbcq_YDTFHwOQnZQq26SjqhJwTAF9wzjdI8o8it_c5_Fy7cuC50v-_ggwro_UrP0nP-L6FVv8ZpX4r6XVGzXvk7OKS3g0mRcIS20Ff5MLzb2t1D1NEeK_s0VwkiV1is8_3WekWX7Am1gZpXGMdzRMkixuMc7R9EeJEJ_mT1dDgMdJPl1af5vORGhafybthwYqoZfiR1Cp2nEqT2nXHimIm2cVYYgAaF9aIoJMtAnVNdpQltmmLVsXf_xA2gPQQBixvnR5OpTSeVEZaBHrl3tU9sXE5Xyd5Z6uM79h-IR-s4Wx1ZkWU336v42br35mNCPAxV8wpeYGn0x_-7NlyF3LPLTs5G114HbTx-9VrDJpzdhfuimFIqUtqrNd_8Chej4v-82Y5DWeKKbXYtJBK2NWcIQgEAcdt5a3S3-zTDNo47B3YBfwqydUZVIsXfsOTA8bsae8ojoQKxV398DqQLW8EBP5lfDPzzkmqLFyByx4Satw0s5U-4h6zV_eb24aL7hGNptwPo24tmGWqlChoJrWymXGi6A0pctHeP6Le-wBykLiUMGLgefTywt5csAIKaPYtMu9x9h7y-F0PYVr4EmS6oNDjrKtzpaCDDPcHhgxXnwitat9GVTRgegewUUxqU4gEkcFZs1FRpujL-5lLfKX6L-mXQ23PqtnBuk-Rev2Kcs7FF3a5JKE6BVpwyBAR1KhpD2PBr-FOwtOTrwhBsw2KOpqZuNXuKlmunXEFQaKBo1cxLueikBs2EoubqeuoLQFrp2Spr5w0lD7QaEozW_wq-AigSAWGazfekwccnSQBgR-anSFOCwilROeplkhH0GJhEZ5GEjd6OMVEP8OZoz0pTpZEf3KEudSb8D9rZXEJFJSJFBLyOA5Xsc_fzANrfbjbo1ni7D6AFOK5fv8-3G2FGCs51-fzMI_CSNfzsnSdQ2KzKVWCz_x-MJAhni5Z767xjrFbSa-k4hAm9xI1fNFhKz7C8W9_NliQHyrzaUbhRfKBRYoKKXzS3-T1eZUbMK94OgI-2MJBnqlFKmCnKwafXaoQ3HC0xm6yTpo8yBYJkMCgDiFDoVS-J6hBZvwu71fwL8ZVrKn62diq-fhg00tV5nzpd2kppqDHI4Y_lqTSCwDSFZuysOAc5ZzfUTPgapMZ_3urEOJITT7BHgyl5Y3NV23hHkmxaVwBMtKNJG4f0WdplJ5v2CwntTM3EqKv7JMItUceCG2XMp8Hn4RDLV0qXijC2aQk0uxJZR7STo1VLYsCAFEXwPG8TidM0DUZzywCT8Bg76EaLLmdBBQGPuG_UvKKPIOF9E8dVlBhQUj_BqAnDD4zAftLzyaecmVbDwPlWNmHQRR8GB_gqb6RNYescWK48CqaH58yllrzv3gQVQGXuIMlIUym1H1AhofcYHoPBOzIuA7tAbiNXadey1t1Zo6_1JzXDKAzySwtaoEI7Vtz_5NZJ_qoGlA9i5XaYRV9yAstVOHQto0CdWevXIFdwxNFWu1mzWJjysL6ogG8L-L7v6UJcx3BkFk8ihuVRt-BZftInYGfP7YBEaXVG_3vHdTg-TlL19mNEudrmA5WhYZ5LKGbiN1Fugx4t__l3QctvhX8NuqW7qkxX5RuF0MYxdbxU_7z3XHbusvx5FqxxC4lHrRFaDOmfiK6EXgDR4ZFljR88Sl8EWrvaYdej1Awqg2E4pCDy8cjgmMi0kbGcRDPN9Q20EFmTgyC7MOWKaUs3r06BnG3m4dJzy5Xbae3HxQraS0Vo3aRfdX-W9IMbFyd_dYM0lBXw7WyESTRD0kIXlb8W3NrQ7HZKirNbEAkaBEsm1-INR-xvIkotT1jB-YBsC9HoO1FhliMc2vA7--cxiEo2C8KYYOvaZT0PoxSvh79vCWth66vkTTzP7zseRaKkbUZBXJbG9KmHVj-M-MVD7cBiefzntloPM9AuukY85JHduoHxh_62K8jDJr5ZRE0KFg&pr=67%3A0.136704&cid=CAQSMgDICaaN07heGbJbLSj5plVrDH3SxNE6oH0d-QpeusHgVD3YkM3NHtTRuPIzzBYxdRh7GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=12428669718799270000&adk=2848196536&idt=329&cac=0&dtd=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
a5abe8089bdb91d82085c366c3de689cfc28c55926c0e87890bf631dd91d42af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39732
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
a147a96bdbacfb14e6f26165ecac2bb4ab9931ebbe1f7bb9d0dee972f3d70faa

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=091b0aab0680673524287070404573d48ecad5ee08fef789df0e39b9c917891b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
0f63e01647bf6d5ebbe4005ed7ab66c0755670a59323e2ac2a7b4f15636d3bea
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092632Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
df86c09d-7597-307a-8254-4515a5ac0f19
Content-Length
133
x-amz-id-2
EIQ5+uXbriXK+pWnp81dvxAzWu337B2agrw5NZ4ByApXxfwfkyn/mmLJZLds7SKQRqgWgdHxar3L3lLLovWZIe5GMBlnAWZ/
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
c56a7d5e-d881-c7db-98b8-f8d608baf8b8
rid
matchadsrvr.yieldmo.com/track/ Frame C9B3 		49 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
3VW-V2kfJ4nKzft6bJpiqYH8wAI4PTW4AxmydCBpC-C7L7ZZqFrg2g==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
d413e1c7-0d01-83e9-89c1-644f809244b6
/
kinesis.us-east-1.amazonaws.com/ Frame C9B3 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
31ff461e2c4e5ccfbe47646d347d16534653bf97f27d77cec25d7a01c69e03e1

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ce7f7941715534bc31cdde76f63e40f72bab6ba1693f331784b56e83361ce624
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
4943ea6d020f7faba5a846e85d68203f3f3d811754b123bc3c80fdc1c4b3f5b8
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092632Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
f5a45cc9-8e15-d438-a876-d94158367a93
Content-Length
133
x-amz-id-2
hrsTO0emw+0lPe92dzU3XU0qgJ8scMOPYphQ76unLjwy/dMswVKiDqQ3xYq2xD+3ssS05JSpjwAw3ugerH8ub4s1zSL/zWpD
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 25B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:32 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
c1674646-79ac-0e8f-9cb5-c3ce6c7ae184
/
kinesis.us-east-1.amazonaws.com/ Frame C9B3 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
b1f161759ee7e4cbf96a778543d7dd0bbfff7714f6ce413e60b18d16bc407181

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0928aa12acd239ccca5d8080672fd5125430d5e92c46d499417c2c49116cde44
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
625bb6b8cbc4a653b3aef3dab6af49c950c38aaede5b4edcb791c4743f1b0e0b
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092632Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
c1ab70a1-3b0b-6596-9c79-f529e163b4bc
Content-Length
133
x-amz-id-2
HCqWHYDPiHvquXc42cfCAn9Q3dy3BUCa8AH/GZgRE8TJCHSfqfjiQhVNiTn3G1BAb0NrW2zHBaO1uTyDO4rHAXskrCTqICov
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame C9B3 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=0&fver=90&imp=457930348028165939&plid=2521236318193655889&pvid=3409479159567851862&fmtid=90&e=16&offsetX=0&offsetY=0&pvt=1700299588350&stime=1700299592417&etime=1700299592417&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame FD3A 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
53997c9f85e994b7f2c9d877724d7c3146215b2a71bca991dc9c9e80617ce4ad

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=4cd67dd5a4b7ab16ecbc21e2169ea2c7508b9d7da17d0e0e978f63c4a7fce399
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
857ea2f047a2b19cd3ebc3261194e6132d2356c2f301ce76ff5b5a0cd42e284d
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092632Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
e3678f1f-e128-4b4e-beb5-0a976cbb8c11
Content-Length
133
x-amz-id-2
5kwLD55Uib+SD29GlF0XWOqjEuR7VYxbgbF9i0sn9/rhjG8qcYVljOFh78c5LuS1QLEoPcuxxtCsqnfJ7OX25DyHnBCz65TY
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
ffe7d97d-8194-2acc-a235-5cf55bfcfbe6
/
kinesis.us-east-1.amazonaws.com/ Frame DEB4 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
8d78cd221109dc7d9d47e6da003ae19ddbe16eec1b920aa89d14315ffce597da

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=da9f1bc15506d35e7ab8a81678c7b5328776e05cf99d84a0892e42961c75a3cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
3c62e881a52d170743b0e3d80c411fa6e0694bceeedcde69245d406c9c27eacd
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092632Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
ecd24f29-2f11-00ae-b100-caa1ff2a3fcd
Content-Length
133
x-amz-id-2
hiMgjt7zipCLsISA6DcV8LzjnBR7BguaAcNgWEz76U8oR7IoXEU+xJBLKTRLLjGAwcpSYgvODYn1nC5m9lSsTj+VuCVt4KN0
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
ecd583a4-e344-5279-b107-062c3567fcd2
container.html
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AFD5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:26 GMT
expires
Sun, 17 Nov 2024 09:26:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
kinesis.us-east-1.amazonaws.com/ Frame F7F0 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
3d3bbcce6345215d799c1e611f7eb94807ec546399b323776989a2757ce4f311

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e75f7a0a4ed4065024b372617bb8bb27ff6795ca290c9cc828c5f1c3cfb17aae
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
1f8ef716f67cbe1fc184a781e8f9f66e3646bcbb66469758d33ee9841c11aa0b
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092632Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
f75ed016-79da-2ec3-aa8c-559e6c0cc1c8
Content-Length
133
x-amz-id-2
1A/4QJFqypTHqdf5sO743gBo0dXuKapAp5/7ikt9JRr5qalvmF9/DipEttydrM0oPg+mQnbXN1vSRAoWzx59zS/XZp6P/uaS
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
e66ada47-6436-5785-bbb8-5fcfe9a590da
/
track.adform.net/adfserve/ Frame B063 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=67903448;rtbwp=806C8143FF24DF89;rtbdata=qv9ejJzjOeY0mZ6kelq-8rCsK4l_2OrbyrWNLVyijSev9q7VT4QsEn8WJY_TAOcRKottOvZdx2gcEiFQAXk0L81D5ldv-icmD7TriWI_HNKXcAwlMqKl9b_M7cVgQJceqq8HGtFeB_QK6FpHMkg1aJ9nofLwBviHe9hsTx5gWIzfHjlKoWIM7bxm-9bbr7k1GEbEH4l0xcnxR4cnqKPElcgoE-BgNjqVlLBmWJ6IOjRftqkaem0r5Z9rX14qzbssOf6xLZNG6FPuXFK4uqwgo614bYjQ2y0BC9fw_n_QWtVctNMQfXi_9jaQopJ01OkwOuaDf_o-wm4gKQoJeufOeKIGF5b3gnf93_xcUB520rDSSFdHB1pKgTnba820HxKTWPwCPzq_Z3WKpjMRdn3So8N4iOtIBxgX0;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2ffra2%2f0%2f7ee0698c-2b2f-4da7-a2ce-3841c102f763%2f;js=1;adfxid=1x;10078;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffolkd.com
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c7df1c0cea976db6673466cea716d877c872a26baa32b9d3803f2368ab4d40d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2664
expires
-1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
d9bc4ac7-5357-7c4c-846e-cf4f46819347
/
kinesis.us-east-1.amazonaws.com/ Frame 6063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
8f1412b596f1427cda3da117b1e97398b69f0ca969a9e953c9b174b4e76132b8

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9c1d2e41fa4290acafca9fe5dd2f82ad17af86866d66f151898f74922d2ce6ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
12b90d6f9f6299ff87a4ed2d0d74847dec399e936628a3fd28b25c40fb5ea9a1
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092632Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
d8c26dd3-7173-5f8b-8510-e85b014d4f01
Content-Length
133
x-amz-id-2
zr72jpMQ5esZMpWSXXlmgXStyXA93ZEsC5QWao0TLDZ/D9AA1pos3RN6a1cS7IO5VwqtbrLISlsr6O8Q1tza1ZFjX2L11tOI
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
c5aa66c5-dd3b-a88c-9878-e34dad05b806
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
59f08142a11e8c95a3410d3e2eb278ccfbb96522658fd1e51b6e5109f1adf536

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=26a947ec7175c3c6653efe666dea97b5fb918521b41a129955457adbe8247cd5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
907161a90e4dac847d387d3a67c9b9cb91884acd829d7bf69115bf4f6f402bed
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092632Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:32 GMT
x-amzn-RequestId
c97c214a-ec80-32aa-94ae-a4c23aa39c01
Content-Length
133
x-amz-id-2
jMJbN5cYyTI67igvRmuidBcD9HtonMRao6qofI/78x0/VTGnlqZoMVnumttc4/jSjGwB0b0uffK5gkUulcUsgrTRqFyzRttn
Content-Type
application/x-amz-json-1.1
gen_204
pagead2.googlesyndication.com/pagead/ Frame C48E 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9619042708276&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C48E 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9619042708276&version=m202309260101&ct=77&x=1&cor=1507710450055740000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C48E 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DZcmLILlshvWH4NO5vDcnplslBBR35DzXGN9f3O_O7_X9_2mr7tC38T_j1oe2OrA5-Phs9vIKhgxlKl8-mbrNSznHubJ3XIPVi6Aoq_PxZ2cqhK0pEF53G2ZrjeSYJQvtq9Ml82-gQ7dJAd2IkSeeGqUDr3GCeVnnSVVWVNlgXWIPIYG8&cry=1&dbm_d=AKAmf-AP_TLsNjXEIzsENtTFTh9_oE48CSO8zkd0mY3pDfmWmNbd0os6wMmBC19lxeZEAQKWcNOWeVoHI9XC363ub_Wr-sZgs0CPTGFj4I8GPZ7nOIsyMzGpvhKZT14GaCJ6sCjhYPJ2tciXOZZa00D3a7RUwc8VxAbnLQDGsYfG72e2ip_6OvouEryP-1DeImDPXm4ZSbqLmm51xiOPH0MIoNNuZK5V18eanrugv701lHtXGNGV1Gei67EAGu1uVKnoA2Q3lCtSRwOTvr9L1-MJFvjwxNEONaVVR81gPR5EFKW1N_aUdhCx8OBtwM6yXgAW5q2YAp1lgtJzAqriU28fNYWJoGGzaSqy73-d4aB7-IC0l32ZreCPMwHPXQzEj6DC6HP51nn5mDF6l2Oo94evqIDmpqKrvUeZHZgsAiUmtW_gZNhXcjohnID6bX4Zh_e_sC1sMeM8Hss9_ZM3zpar6WTIBMUcFguvsUeAJe6t7yhHk61YHSJB4awguNYRWnC5tRoWIE7FHA_fV7INUv5RXNQKAFGIX2y8-QPR1qz7f9dHmdzgKZRr3uNmniFE1_mkw6NbTwo3cjI-bnOxPyXWjPCZ_CXoVeg0rFVirynqZCfJDMBgMutLc89qSFoKj1rXWMFmxroTGMgjXqN6FFuWY6EQ08wPumddjwcNTpPjVPLDHfCiAyLyp-KR7qQpGjtFwK_CAry68cHHeQjK886o5mZOn8sUT2gPD8CEAMmxlaRTPKIldDEzc3a9w5oE1hRB4i0j42VP29T-eGFuy9hBpmTcUlQ1wkdABo2BR81JzLFfPUtemZ8G6zrC74dU3mV5tCHVRlkj5vmoIsofEcjMKa_4KiqaVaW7MKZxFrR6KlcufELL1yqT2nkvdBpIj0MzCD7tR3Db2ShXYR3j5JjBhWdCUn3j2zpRMQ2QFwh_PYpD5lByjMKpTm5BLDP_gdlwW_7N5Z5sVEDNuVyH0K5jTdjEPDOoOcc1adIGevvHMnmBoAThYIeNg916FBXfyBsvz_4QfpiNSzz8mvb_5Qa-p1zTpO2FRnM7Fn2TUeGULYqtnzmIGGI8dXTkXvLHllYinpLzRTD6D0lVWQvHlCanwWBExeyyC0dHC1lssK4CnHY-VHdksDdFTxgZDa02_2_ea96h4d2I44BSif5zFBCQBv1GaaURiJKe6cPNLMgacKtUhudHlzf4m6RbQz7OV6Q-vIw_z7tYI8gHVMsBEm7LSQ_UHWCxKHsjGNbUDXdKowDaWzKZ1oz5DHQPp_kqvvrh1Tzlzq0dbT6_3koNC2fzEJTZYfoUHdOvFuL4P-EUT3kM4uqs_5RQsBB_X6uAv9jJfKZVEIrjioVruKzWc1XWRHhZX1i80Dit9HD9QdZuhWb-HDOo3SxLfOy2BkEXB6BR_NT2GHqDOPeqz48gYxr7Rj9r-eaMYMlVI8xn70j-TGZsDJvrbN22vsuViGJBwbADuefnD6rwAbGfeyo2gvmQJLT81GmGZa43F6dhvcCsWTHkE-qgK5EP_JE5aktlqmph-g2-K0h8X0ewielSNxmiSAEY8eFh-COn5L1a6H85sBUXdaLnYhOwIgQadIcV_ARzL_5wOtGmdTpBaEg4rnFY3IP7eb4j5uVIFSuHdT1Q2W6EwiHwGe4uTF4Xz-LunbNN9zgJgKMLvZX3Q0O_0sLtaWaJ9RrAbRQ5SM7DNtZY0QSa_mRqplaG-ixyXid9KIiXw1p7UTFm-vy_gprxveF30q3lHOXKr5sWZ3adPL2yN2S1FIQTG5X5nzsvbhThBqukVaYUKlCx2mrqLrHdEnJ6bRHjgMmoi55OU7Enf6Nz_cLKP2On_xzUTP5-mkT4g2G49nQjlr3XunUhmKeXsWmcnSD5tsLDc_sEqp6E7KqECSTwfGTdOlxaHNHuVfUyFjuhmRTkSTJ12RTawSlPtiuMmv55CTKyHUkMzbfvLqqHLSNqMUxmquda-t0hOy7Hd5UiR86Da7NiIQ0O5MY0_0Gi82_t_3-SaiK8GpyiXWI1EowK8QmCj2SMFZemSZwchFLl8YHWESisHYVSzrD__SRUkEBDiAJYPrLUBeqoNBwBTAbAVZLjsPFRqn6QxC5zNAdHoHvwRdnwqOYtCi-tZrS_ODlV3_aeRIooJLl69lfU0IFtTW9or0yh5aJpeFh9rguqoLLSXebjrTJA8auLJEeklDPvqQzpy2ujkLE7tWIQLLdVP3m-ys65TuZlq0IaKjV8b2FspKNZH2ccSpr0tWxhukoHTYTnMTI2BQYiO1tdPilQ8XX4r1eL4OEyOnP_rWHf4EWFauERGW0JbkObiPbNscX61WYRz3jvmGF7c4LEAeLb2lSDIXWzpQxfb17ncHWbZHEYIjTXlG7U7XdO38nVl1cXIOCmpPLaDrwEhLbu8YzUEbq4PYOXBdLWEwk_3tHpV4n1pQvbLVUuT7zuhnldNW-RMmB-4UNxfQqgBXUyPPKo_37cPhHY089nGLdmIK5cSuZU59S0YpXDZkpy9XIlDH156kUW6dfv2PNVUtdjlImjzJnXWm5f8UvUfk-xBShEvtUfYt420Yt35_A76-B-a7cO2dBOi55ExpeIONwpEG4kmS2U5eE8crcKMUyR5tQ8XmpVXwqYCu5mUvtrR-mDQEYcBB6anOSb_o2kW3LmsF16LSrQEcWXEeYH7Y94OTGRkDmkhnW9Qy9uR4fH93veBWz0YgV1VuS0Hg7Uld7OTUateD9p2IYLCZ4V4ZI2q1dFC4sGRKMlZ0p1_acB-GgZ1mxb95L0RslqX628s8XGayWv0wZdi-HQKQbcA0XRalQsFMu1AcaE8LkYubSBgXI8JA1GUEnr7pFxLYpn8rxyliMTc09lun1FCkbUM7JF030wqAjexpZ-pEm3PLAjAz1j4tProR17iRa6TRagVzq2Bb7QijTFwEdsxRYBr5_V7bJNd2TO4USHCVzhC6ec6Wr6TDx9yxTz9EVfmou_PSNRZP_M6229rloHFxbPY0-EJ9Phiyv1r2LKdiYdbmzXr7SIU5RPrCuB49hSdW5W0IwVMNssyQmnxzFjndx60TvYT6_T1-8P74JYcle_sh5A0BSj_gLVF5tLSr4pBbRjZWsT6WrfY2qYgesqop4lqFAPNVcEhWSteaUR4q5mbwrP17RAR8fQ8US7Mb48ev-ePY3wMuHdceOMULLpy-EAZHPy0590kQwAyVExT5Ft3tmS3rgCwsBwtao8bSlRIzm9KEr1R7e_-E21MbE0Mp1qGFd8WyeVy4senp8iXR_LK2x4_Ks9pJm0EBm9ofKczKZDTC6_8BNUYsJ05EcYZisgrzgZCMiuvq46z-piHFTqSfTrWpQhi99qeO2O9q6Agc5pQdj66H1n8dYi9Pk7x56wsLfAkJyZiAhkS0QsVC-M6C2td4slQSf17wb9T5YVZClK_5vEEwW1oOdqNK25Qk5feJsrPutYN95qEUtRDqVR7VZSympiZ8p4_-GuQBl9BzIVg6YI7vavlDayQhAkkNU-XDdsWDlXu3iwgzLy_efBpS9Tu0dTEXTClC3GfDdJU5v3YXXKvkioh7t2M_Ba2mX5meRFJLAluWnyzutkLpmskeqHE-ZaKMGuCZr4aB6RXfvnjOZHQXZ1A9b7wjSDP_sWXLOHv9hJ7UrqJPNxDL0SItum4D3rXTUQkx9Bk8jJG3ggNU2GxpwPU0WqKlHtXAkw31NtaA_lL3bbltv2FDrumRm5u4_n7eNIWIUPFFl06zE205ieBWP6sWjhkjrbFGkHUAmMYnXbRjLdQXnCzG2P0pJzJaoJAKUY5rXZiWhEUvY12plurHyZdNPOos6aLQmM6Kb35peNHNwKxSmIXb5rd-FQI2pYnsoEYZAziPWJYNk30ox0C_p6UD06PMd6D5TUpLF66iFiina5JtPd&cid=CAQSPADICaaNMECdQHpAockj_sfYtw8J7O7o1wx6eYwkfbTkTNdhIC1OYdLfDCKeNe_W-tTB84KposwLBfg7vxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=1507710450055740000&adk=4188270525&idt=121&cac=0&dtd=5
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f2556e71b6d8647337da7d3841b8b6a137eda68e509e8e41c8761474c167404e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13998
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame FD3A 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame FD3A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
62029
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame FD3A 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
62566
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FD3A 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
37942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:54:10 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F7F0 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame F7F0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
62030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F7F0 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
62567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F7F0 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
37943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:54:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6391 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6858108197445&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6391 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6858108197445&version=m202309260101&ct=76&x=67&cor=5306489620349902000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6391 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsdutEAVbBrcPvbTEI9vaGc6_waSIZyC5t5qpb_mJnsIYUTHN1HgVkZ7n-35CCdoCOh33C6K4-3c4W55w0wDrVqBEiH2n1xW6FzZal_p8SjKiPUgq3j-NYpCyr2vyxWQ6PdBVZn1FQMlhj8KatnGY04tUC-0Q-tt7obHon29ItideBt_I&dbm_d=AKAmf-BKCdCMcJ55ti6KF9riy24P3KZfdnAKTA7xPsZhgU0DZIp-UQMVa5Py8jeift5OhEj9QeQcEQg5K4hr42AZePnFgaRdGxCyne1vmLSzzl99sju756ftv29nh9lJo9N0kC3HpXjY6O1Ow6_1TSp0fenmiW_GGwvFnT1XyxR6mXFleGy0G46FU907fE-YADYXkAR7kI_EkELjUM5AUxEfqt82WhzFBpb-qkjGZgMrT1KcC2tnEyk_onbvHfx3FILaN016BMHksgWpJGgL2FUvDYC6VrIffaMFVlY_Uvh0ndsZZJV6lOpzfCz0bygKcFA3dELvH64nxwo3hRYTBjPsbvI2Kh7nZmK4Xw2_HPFXRi43DxT7nyafTmrQkYCKD9dVbGsDhDHDJljUXw5NigADJMkQkeH9z6mIl960d24ZLQPzTPygRm57GwS2l24E5XMdiPbP446EKv91rRqWbDnOqdeWR3JCr7YdomEcHNqd-dCvpJNTRGnhjZelAjFjXACcOMF9NWwwWgfg7wiUKwiR3Xs_xtd9J_griri6h-tjFwyb7eWrSEsIwMxMIRowKdncaAmZr0tmhMd-MYvuRYJZH4BfO6y5cThEvYZCX4ActtZvzDSUcu_pBvC2tKXbezQIDyAQR0IV2mjk2rQYaGJ39eZL7w8_husy0_Tv-057cgZCq3qroDGEkM45ufXaTPi26Joy9BqZPl5PqNLqlfzw0WU6WDtl-dtOayBWd4ybVP7Jj3VskKObBP8sa89hf-8dnJoKeCv4hYnOhucxckvX6nkuON8wT2wCFdy0JnXNiB3nu5lnzkib6Wn8-Wgcxn8-sayOJ1ApdoSPYz9i2z_4Ra6P-sxssjy9WRYWwb71J-v02iaHJDP_TnaSMfPdPo143nuFkZWda6480P6VpljI1A7CYZAuQ4K62LXkr6nCIkbVPRCu9qLoZY_NZxgaU5wJ5AlDCqAkYT-NYSYJbir296ae76zY7pBwO_UPuWN60jLTIquKAwCHV0offs19oh4wZHSoE9mQGHIyk-SA75JoTdUyshSSs4-b7NImjxjJrA26ULCF0twjHbE8OfEwuT1OFZsS-ps1KMCw8cpqpP3AykluPMCoD2KkfN8JbLn_zajkLJM3dJC9EvB0DsFPlKzpSR6DVT4ANPHXhYJlzCiDG8cSfz6xB9roCDQ8G8McxSePjLPXM9aCMhtncn6dP6Yc24qFuKmE1xgvIVqNKZqD04R9GvnZefc8twgwCleJnbyBPeG3kUiExkMtjrM6BHNq5R_TLaxR9zAnM2jvAd7VFn7QXyqylY-fPNHYCDwPrw9NU4VVKoU2Jk5vaV3iSOXLH1Aw6l1IdQ-g0NL1kIReGMh2JPchFSo7C_Qhher9BrRQF3puIFXaXnbWXQXE7QX2_L8jc85e75ULQHv2pt8ngcPLseLxQ58-4U3O0F1XpxlREDD_hLuJRs4LagnEkm9GS9WgQkPue6o3ntDZC2ctNtkT3ENy4qgSPSxHokhYsZbZ4VOJhvPe6TQ0PXVJi8xLt4y1TehKGevMJCmEyHUpXvDn150nFEVrt79ooU2P5TbT6zttbkP4iu9god5NCCh7cmCcgREhh-sE96tZ0cGj-Mg2QItpYiDsR8zFlSxRTgHD8wvQzyZ2sn0Iz3wO8tFj7UNz96o5qYvzoxE8Qb87sK78J_J73KAbeJv61CWfg3GuJbH0F_yLg08KEATv7J_f2u3GCkO7ovx43H7kWOjHY1-oJRBVXiM-8Sfs0esbaLUaV1m5ikO1OHCThultRuBBrCC722JMFJFgMMUeHsWYy_oBtTtH1RMYjQPMlvZ5DEEgQOZ7haJYiSVOD9Lnu8L4XynNanagCO8fdAekP1s_sJgxtp8K1ixQs_G_ODErob-77F56yziJWFHlTe1EWuAeHVv5ddYZno5_HykkDlX4BpLTtHsBLJsn3SOaE1rNwvMUxkKbI8HO9PYfJLjc23WvqYNkViwebJx8iXC4CzkEJ8mhsOUqxfVAc15-nmhy7jEs3BeBFR79WAdOVWunTYM402S8QoZ_Ajls3kELZp8AjYTTe5EpvfpurqAZ5NCNenW-xEpJejz3mHiPl6su885l3uIt7UGNNMUomTS_qdGMO0JUQwp_IbI9HoIRre8OpOR03kloQdk_Yq4Vz1DiZfFs1bdPv_Rmssyya7xeT9PdjgYYqUNqituicRRkgdHVqqSOl-fSXNESCI3x2nai8exJioR7FbIQqWb65QM_jRcKdiDh7SejdrgX4WeTN55QRk5llNxZlrXOdcw8l2cTXqCQPcLUjF8hNJ5FcqcZeI1WTgBnpEZwghcL410_P0iaJejfGHyGdZrSudZ4Amq8v5q_M5ZLExS5GiSTmb2ex3-GzIOKNd8eDRZhxBrONHJvKJCK3Qjvync2osLmk3TMiwE3dwkWANqgfNU93rApZ0CtK7KTItbvviUHUmJcKfD2vUgdjKnWKGUjHuyK-sOOxDeaLeliV2vviIlH5B_lh7kds9Ub8NAjJA6BP2sXJ0sR_SDHQ9taflrjhkLaDHD9NXMXAL_Uk1LCDur8nrnCj5xIBc8uBMcnvIPxQ04V893P9lmHoz9LDcoEwzk84MGpY3GpNP3COsndFveJtS8LuCNibR1dofIMkvTRAz8Av-Dgaqco3UxN62klK9QwIBTJPVK2vJ2OATvhn4zKggYYzBXctS_yToMykhnTH8Q7YQFbUnzVAIPfE7zY6_FcBnhDhzYAG0lNUzRfFTSj9XfX7SS3vMB-tbcbOalWtG0HrGtppOErq5p18HqcuN3P5GxstcmFYFxjC9B1XxurkO0tJ3BEfxO_mmFRRuEd9IU7-7RZZu5x0uulMfwR6ajzENmwaNYQwNn0VPeY_iwj9FPqxMzO0n_ZgIFynETIQ0V8iOc67eN0dCiKkhLCi_SQsARDov_dpnHQ977uRfkV7AhAC0L1-sh8APjDbCLDrdMYVkaZfObcGBtP4mdXeL_FAltbXzA-Q-ZK76FG-zwOYfc5o3d7PtJGrc7TiCMY2j2AdUecAPTKxH2h9Mssj2m-uHLbdibjVBrXlO5w_stXn5Ix1bPN_tMjfI4suehSAR6yPm1xref-CD_PITFH36B9gbbVTVzgBt4SO88lbWFLH5VoDl_5QIeyzXl_U5N1qxCVSN7YOHuRoW7Nqv3Rvu5F9Hb7_pOjb4AIEgVdpZsPw2BTnnAN0MlAthxs7izeLUNlbypSrsKYUYWeCkc9QSDVNrTNKeoPQExBkjlrm2H0FJMACwhOYlG8ENiQBFl1B7tMBXNMOMfzwRzXKWFqfcNywPw6I_Yf5uAx0z-9ek6Fu2EW1JALw_M_j9z7GUQsu-oaAGQTvqSRawSUN--O09N3_FAjzxndOMEDmVmAqd41QqFtdYvANDE1uD8L_399M3BqsSz2LvhDrve9m1HOgeXqHIrcx-F2Hc2E7xJhATad97dqXru7vZdR2Nkrme5yHC_I4TRkdBE1KLkYAX4_D6pltN4JWs0n3RynN69pT9ooKRKPjak9U9K38mrcj9s_dMCcIyxtu_VTdVCLmTb3TemSb70QXrfuNVi6JP7oZmNgz5gBgLj5LUqQ6lrvXj0TnkRi421ljiEdDsb7AMyLEYUSQ9NP30CQ6jrGHXTPQmYR8qggVZMaTLUOd9IYmJTi7oZKBQVQnTZeJHNn5cJ_Tzn98jVGb_xdvsu00PJaJzUrET8acg5G9_hVF_6_aZ8066n5uo0KqY1iX4kn1UbXdIr0w4If-PLErbAQPkYRwH_McgBs00P6EVNe7tMCdA&pr=67%3A0.136704&cid=CAQSMgDICaaNEzYU7uD6H2qrHLaPiD0n3chvnOdt1Zjq6X0n2YsLQ7JsyZtwoZJRPnl6dx7gGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=5306489620349902000&adk=2302376536&idt=245&cac=0&dtd=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1fc2252c5da3649f63a8e90116a19c1c634e6c2215317095d63b49b524a4d73f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39830
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C9B3 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C9B3 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
62030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C9B3 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
62567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C9B3 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
37943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:54:10 GMT
rid
matchadsrvr.yieldmo.com/track/ Frame 6391 		49 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
nKzOAHcqCMJjLpVMonRc6fYeXwZxJ_5WSSNLRRq9EnN2dp30uK180g==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
f6b8a859-98e2-5697-ab6a-2dd04ec1f83c
/
kinesis.us-east-1.amazonaws.com/ Frame 6391 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
97d540b74750a8d5afe4ad131efa7bf7fbbce86f8bc8fc02a169c540732763da

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0042b0bcb4540bd0caad6e41a506a7ac5ce6ff4aa4c7a166587d037768bdf913
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
23cbe56a63e9af775e9405477d56ee1ce13e395c724b27d60e45ea9b5b34d976
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092633Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
e5a09ce6-9374-e9be-b872-196f45574715
Content-Length
133
x-amz-id-2
bq7AOWZJjsCWcNePYEpvUY20o/Hz3UGAioj8cEOL/vWnbFD29cJP8Z+sPtrqI1GKnl64sUfs8l8/wNcZLVgGPqZEZvMCYtlR
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 99D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:33 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
d439abe0-3589-7d1a-89eb-2e6945b76d90
/
kinesis.us-east-1.amazonaws.com/ Frame 6391 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
0d577c4e3322bde16705cadba354e3ed55b73d42522801c8f510d6a175f7c2c6

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=fe9b9e8da902a67fe6f6308fafbf4edac053b898c9b132395b99918e6a1eab55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
c9ebacc508017bc99aca6b291c33dbc642e418cd333e488eb0e1707d817d21eb
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092633Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
d3c9a816-8aae-662a-8e1b-2d9ffa9076a0
Content-Length
133
x-amz-id-2
+6GqlCtdFJQn7t2JhClxpzGrUPkGGhj81Y7Xy2NXodC0qLSXVgfQAw2Hk7WQP5QK84NkcbT+KtclGppBQs5zurJyenT/KdxQ
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame 6391 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=0&fver=90&imp=5806630140544576432&plid=2521236318193655889&pvid=3409479159727219652&fmtid=90&e=16&offsetX=0&offsetY=0&pvt=1700299588369&stime=1700299593169&etime=1700299593169&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame C9B3 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
bc187ff58c2db6d1da1c1d9f539a9e83500aba09af5b784ce33d08a43fc52147

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ac07d02365bf4f915f2fa0331c86c8e785764419a0383b36e75729064f0efc35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
abd69bb5c27fcc282463213f8c4dfc14bbe6e1a638a8c18a0a89c330a0f6f78e
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092633Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
c16465c6-7863-5dba-9cb6-e04f6db5b2b1
Content-Length
133
x-amz-id-2
/GXyNBJM2YCuof2qNGSb/B22ueaC9FQCfG9eyicgC2R6ToJIjrlrtZsDnDTDAQnC3kgex/BtMSdtH3KxaxsoqNAOYFfOMqeG
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
c1ce6edb-f5f1-2042-9c1c-eb52e027cf49
gen_204
pagead2.googlesyndication.com/pagead/ Frame A740 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6769459255102&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A740 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6769459255102&version=m202309260101&ct=76&x=8&cor=11716939986703930000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A740 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-APNyZwIQBiw8nhNXpifqjqY9x8qbXibD0gUcX9ZVq95C_kta3-AewywNov1eDXKaDlr1EULG45sdex6cd_u2C3If2x_GpERRVw31VRe5hGXq7KESKg5GVsGItOb7nK7Q0O-s3EzuOs95QqP_DRZHbG586RNKYZQ7YMV_aamFmHBGlUFec&dbm_d=AKAmf-ANNvmAwaid8Ll12ZuvnNOloh1nzWjkqG3Hw4WN1-K0f-8XzZeNOH2GGjxmaN8XVwoEuxQeVYTQ1Xz5dHlgYbJi1HV3l_qAPzje3zYN33txSryebBEj7jmxYoYzKjavzB7uwPgIo7WArhK03FPil2bRR4eJkbWzCVXIt5kceV5ozyRBk1MfHG4x8qZOumn6sxTDzQEZ7Q8Z9v4ZghW8Yza_tFu8uL4Om-U8c0yFIZf4-wwTDxHP2ZrOl1FMwLPMUcQ-RLglSdHpL_XMyxbvZn8LCHunL5pwQBiOAzimAOVlUfttrivTet6fgw8FrBgx8BSQVxHsEDYxooWJdhPQaPb7pdaVvZLy2hLzU8latjChncyhaJViZyeNDEaEY0ZtmHcHARE-gtSGbvzkDEjd7TPuR6KMhioiDG4XMN8p53j1BAROamJ7SCeDEUJ1r5Jjg0Wm2sbpH_SeRPjL6QFa-EBUD18rlzTHzBXzFmbPLMyCva2MkaL5zPMMQxCpIjCYBvhgs_UuA6SJ3sSMX_OJJIXRnfcjkUTyp-JFdY6br3nhljji8KP25qUHoG5QZfvOu9URoV-XdJrt35rQA2nocPjKqG7mvE1FpedRKB7G1-plLaIBb_3bt9M66B4bYcvTnba3PsB14RNvua3IJ5cRdgwR0O-Q4WsGisjndKgG8UFcJIxp0GxsKot-0Gy3l3XfRIdzqFx-6MANrs66yaU9tIOZe0DBYZQ_6FfsXccZLxxORtjghAaduEEgv_bvTb4cqFObaDFgrZM43o7C3jeQaTDxKq4EhE0zZylkJZEWHnLZ36x5e9FxMwGwMnIxBFprI1ns4B6hejyhzSMxTsFahT-p8hZPRKF4iGY5zUcFXBvmga36ONIf4gVdKGEGePhU4LoSsfosP-Mf2s3mY58_VCqffle7isPWqkpCzo-WAA1LejEeLCIkXtIra1vMMGWhkFkMlM_fKmk3fTLpsliXWU4lAMDmUcpHg_5pf5gFyEs0MVAbB3hLqTtfMCCfDcQXSkbdwNKFy23PZvjIP9YWyZiaGtvquAMmnLxE1lIhKHfddKbyvDdRx0GaS2GVE4l2uiLfxfFQYN3ejvwAoazaHaQTiZUU2lUwVv_phlnw8DeZfxJV2xuV2PiGXIndMfbE6wps-Zvz_N4NXRyea9crhxgivD6T90mHyz4Lg1RdchDuDn5D2X7z9fH2rAB6dJO6byVUrVH_qXSHZi3pbtZB4kv7ZNft2ysEcba3iJjq0_HnB7OrIBHhqkEgc1k6WmcBTCuPHcCNpadfWdxbgh_lgH411yvVRYQBL4vcSEndy_MrgGJ9QFFEc-8hKFc9Ib3wjux1lhuZHl4OylAnp4BmTCXsUUqhvy1GCgByEtG3a9ZjgM3cFMpcjwhskDWd1bLoNhBCdLsw_820JtuVH-1hfT2aiAel43M-j0h3G1vQ8WNWwRF3qHxj3Cg7NwJdx04OlsZS0mB-OqrD4xFmWgWuPS6WA8qhnud48DC6VINJc3mOlIzuMatIoyTRrjekOVrYbPHK8VAsTB1QH-OXju-MwsJcjaC8BHKxnR9J7JyoJP4ECaEMD35beJflW5F9XbdbS_1zc9ldMtCHCrnB6c96LUhYdr7r05yTFZgpu-QmEwgrwAIFu-Ww4G20QFZcJ5d7xtiolZ3cxdh-u_KvZYjfPBWb7ADtAASWnvO6QRif8eTu0-l1wtPS1ZWuLNDq6JzK1KRi-4PytMhjtAQ5itoDOHgeuDgKNov4JXwserNlIWG7AB00EkTFhGAbxc3RCOjbpaCEamD2tqKWzXVDGDA0VTKjWsnQkIZNTjN979YLto35N9uxzxLUUFeAAI2C7OwYb2kSFUcjbraB2ObyryBwNbPymzvUzxTY9gzHpGwNt0eSfPeMkbX-BApXmhir6IkdntPyuwcWl89bQgHj_lBjR2AYzaP1vb_nUuJtRVxYOb-hDAZDyhN5ftvMQc6okR2CqLh03C7Lslm0y9f2pTba9ZxKoX2yp2aPLSMBCFCCZDCbSFHH4bMdgV04yEO8QWqm4T_KFTxwltS-QqjSOugRZq6SU5H2amSnBruzJ3DoBaNeorLoKFvOMX1FDbl-tG3anLjQCukZHeR14ro7RVugeH5WnkiXXxLveIVt75BYlqY3U3bSm8cR8vXHA9PHykkYOdaQYeIrjFZbC5gez3hkM1ZmBrO921pHXOBOF9PnHNOt4XEKaMz3xmU4oM_373PINXkVwUGRZIiqYSjs_bCZe-UV0Xk5sdg8GtrOjsqjc-uo8vwRmnO9OL_d7c4uWt_xyghidJJ3VZcaXh7ia_eZUC-QN0K-pkomdbmyKiihLS83SKTV1cuzeYiuCaYrEHdQAU2xc_2ePvd-ABUXveSQGHbAqFFTIx2yHR1HWuptLoYFtWyttr1NH24EjthcGJCK9uZrlUCYDUVRJ-PGsf6uGQKDHC2dk_MzVRw2L4-Zh19eXlDpQaKZG9Zb9LXeW3xi49jrt_4TvcaL_Roe_OO_sNr2ggZVxpiBnkujUnn_EUFKA6ESf4qsCWRSPXu7qtAl4_d5nIigyMqqt273xXT9s9PQHkM_quMhFxPaM6WD2uYMeGysELIesiXBZPnRRk9B8Zw9Bt3mRaM3eA9OlKRI8RLQJ19A5YE5Z7mL2Q_I1fv4NeBb0pygrkQvRuO5HSOjt8-7dKdz-wF3DfDHkymRzqkaLYKYZ4DZUY9bWQQXQBFG4ie-hwL3VuZlo7jYt0tfwIW6dVP9KQLkmXd2HlykJxscP3JN6DPO2PFR92nsQa6VnqhNDrIsim3wLhnDLqeyVWBhcJMVq4f3PMgRBtT-cEb9pYdV2HXXPgpCrurH5L5Okoc6P-a--G9k2pierlEeZzHBXZ2kUYhOGh0z3AXHt0mVg5rLkxJmi82qtfsKjhn2jSfdpqyKxCJweNxI91PTwETyED8s4GhcHtTfXmJupWGbSFbcirqUOrgTljlhPNyMvCWv0P2ITnY-T3836VLYeQ9J_POtR46J4Z2JOzGZQuA-FX5Va8XueNZwDwdwtGy3M0PjQV_WNPUF-YJIZTYJUpCkOW-70UcupRZW7B4EZh1x6lgrPOry_SsSz0FhF6OhF0RpW1NlbITjGBAccORJe5N7ciN4WifPVCj-45UaUa4EOrdKUuppfMFhCtFKmo0cJjL2THPLxjqmWYnERgz1u-vluM1pUtA0uw7zXiR5RhA7d667BlecRVKZFp8QvsyYgvnfn4EFM8THzYma7yPPTrt5J5R5bAAAp1SgP5UPQoIHkw6V4_sPc2UI46RFLBw7W2yj42yjKTp42ZHPUUAOGDTyPoFr8DRZm_fe3mUuuJNQz_3MHfiPncyeVh7GUvEswZJZFwu1T8wPvue9hrXdHLRKiC1otLCJo6Crp-mkpa2FMdnjUe7Gx0_6YOqSRW91X8-LA5LZS5Fs_-arZ_6wyd8fFOXkXaa9lXmvFRWmafO-zKTbSnXLt1C7le748qS7TrtD_9ex__f97o8BC_d6-JVjZaqYw8f1wOLuZIZD9enSlxG5OnY6u7ZNT_z4n0V9W-wQdjGhTQhBfdQq_5XM_K_NhpcMq9ZUChYdLz6ww2iklbhypNA13rxOM6p4B_x-ZzS2k4sK1yLU-zn6KexZWrVqqgMfNBPnSEUsUtQTUR3FnJUF4Nw-m4TUdc1SsmU9Dx-vWGMJE5ml_W0HC2K6rU-2eFbb&pr=8%3A489F9114CF8ACACE&cid=CAQSMgDICaaNnCDsU1h5TzKtmfXNhqzPIHori29idbV8DwVy5mmsZTkbRuVOU4vKUBt03yjvGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=11716939986703930000&adk=904689196&idt=99&cac=0&dtd=4
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2ab1ded33d18a89f96ce577f9372e79ee2022f2313647a09161a8bae80dc8e42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39873
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ym.0.js
static.yieldmo.com/ Frame AFD5 		471 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.yieldmo.com/ym.0.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding
br
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 08:23:23 GMT
x-amz-cf-pop
FRA60-P5
age
4654
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 14:12:13 GMT
server
AmazonS3
etag
W/"85b25619738a6e04dd868ea9b98ac8e4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
private, max-age=1800
x-response-headers-policy
static-yieldmo-com_js_text
x-amz-cf-id
3POlLvQ9lv5tl9DK_rvROx60FWdhk4Hfqf4BkfnZFKvyUYQ7cuH6iw==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7A56 		531 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJriivoBMAE&v=APEucNU5b0Zee4cCYWyJcTJdx8lPvTEikcnR3fP5eTnJONaTD__xy3EpUTUKWy6GgJ65RUMzLt2N7SOy6_9ifPUcK_1O_BZItwyiIWuUyD1QgWywiN7HO6I
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
4cbc677a111c2e1fe5f84b45e6f8fa13eb6cf56d64e0ca23e12ef126f4f6ed1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
232
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AFD5 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:33 GMT
ev
ads.yieldmo.com/v000/t_tkr/ Frame AFD5 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3409479185010479232&pvt=1700299591383&plid=2521236318193655889&imp=6421225417988955068&rep_meta=21lvrm9ZWBMrxS0sW5t_NoqZvwci0Jd8LCvX42FNDpGxY47o75rCZvAfd6blbnNidhKsQIpJfv02mpKEEr2cXQP3Bn0BUB2ovUaOZJEN_Si3nYB12857U6gRUeUCndjOK0j7g-n1YxLfUV-DnT2DAJh-hLPpyQkDxTtERYcW_ZWE0keR8MhpzpjDRgGJsClu0DFgC5U12h6Eo-fmSwTic8F8Uy5V-ePjNbBmD_1n3YJMMu9eY-Ry6yUN3RAqh98BhHuoLMRe4hLBGN8XHYjNz_Yi1ggq7YTJU8vA0SWzQ4eiFYb5_N0_nxkBNlv75TtVg4fJykZ-PLSne3PS50F4ZqurEEJBogfu7mbRudsfuyVDG1rO1n7SBdUXQqmFYAlM
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
ev
ads.yieldmo.com/v000/t_tkr/ Frame AFD5 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=r&pvid=3409479185010479232&pvt=1700299591383&plid=2521236318193655889&imp=6421225417988955068&rep_meta=21lvrm9ZWBMrxS0sW5t_NoqZvwci0Jd8LCvX42FNDpGxY47o75rCZvAfd6blbnNidhKsQIpJfv02mpKEEr2cXQP3Bn0BUB2ovUaOZJEN_Si3nYB12857U6gRUeUCndjOK0j7g-n1YxLfUV-DnT2DAJh-hLPpyQkDxTtERYcW_ZWE0keR8MhpzpjDRgGJsClu0DFgC5U12h6Eo-fmSwTic8F8Uy5V-ePjNbBmD_1n3YJMMu9eY-Ry6yUN3RAqh98BhHuoLMRe4hLBGN8XHYjNz_Yi1ggq7YTJU8vA0SWzQ4eiFYb5_N0_nxkBNlv75TtVg4fJykZ-PLSne3PS50F4ZqurEEJBogfu7mbRudsfuyVDG1rO1n7SBdUXQqmFYAlM
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
gen_204
pagead2.googlesyndication.com/pagead/ Frame AFD5 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BqfyzMA0iAjLUP8gyIqAS7F1kYxGngJL-G5b7U-e-qV2HE5hR03auYr983zRswrpUrTsQuma1bu1QRBaxjo27xPtHXL_sKVUiLszgqh6NS0S3VAEM
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AFD5 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14718532397188904935&x=8&ct=76
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fc8ac5a0-1e8b-4d94-9eea-c3ecaa3a6664
beacon-fra2.rubiconproject.com/beacon/d/ Frame AFD5 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/fc8ac5a0-1e8b-4d94-9eea-c3ecaa3a6664?oo=0&accountId=17070&siteId=157298&zoneId=749704&sizeId=10&e=6A1E40E384DA563BA5C26767719463FEBE685998D462A8515ED34A5A24562BA18D3A0C64B087B05D499CDFD0F7D44CD65FD5B3BEAE3486BE8DD261D81E2B743CEA3FFA77ABBA8DEFF8F661001DCDF06151C859FBFEAA0DA102C9B03866D4275AB7B0C4FEC2776535A13332AD242CA62B1762B6553660A0497474F0F842B6CFB73D269919A82F2443ECF6B136A931161601A7D956D29780E8093A7535F3D325BADB6215753F262D330366B602A74D02028C4BFB8CB3A004D9C09402F7521F82B4
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:32 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame AFD5 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LP3UH59O-U-989A
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AFD5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:28:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
68259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 14:28:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AFD5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 09:24:48 GMT
l
www.google.com/ads/measurement/ Frame AFD5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGGh-wKSpOjDXIrwAyZ_mOldBgNZNOy9dDGuUyITQwvlx85RCAqe2mj-9j0WVuc0ORPK8c0fYZthKgSPoZ-fTy78pLZQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AFD5 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
205434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 00:22:39 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AFD5 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:33 GMT
pixel
protected-by.clarium.io/ Frame AFD5 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6MzAweDYwMA==&v=5&s=v31hfgs1ljl&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTI4ZjgxOTY4LTc2MzctNGU1OS1iMjc2LTY0ZmU4NTI1YzFkY18xXzFfYWQifX0%3D&cb=434282&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJjbyI6NDg5NTA2NjMwMSwidyI6IjMwMCIsImgiOiI2MDAifSwid3IiOjZ9
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.49.34.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-34-168.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
rid
matchadsrvr.yieldmo.com/track/ Frame A740 		49 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
TcCYM5xy3vJiOrNUpt822CToJRRScocab684FxRiirl08TTBsRgdlQ==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
cf38bfa4-0374-31e4-92ea-3a2d734a216e
/
kinesis.us-east-1.amazonaws.com/ Frame A740 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
43b147daf166de9a545ad7477e74776d5e51ce152dd970a7edda8d0dfa65ad4e

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=6250015137aa60577ed531ddf0dc17e3a1ca0e6e946be1f7b824d500f972b4d7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
1d737d2eb9c42f232940c8c6735a2b96db2888cb7ead009d795ef29b67d05c04
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092633Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
f6b539e5-5500-5fba-ab67-bc6c253e4f30
Content-Length
133
x-amz-id-2
o+LIfexcQ6FgDE48nOfmBlMH7gkNw6S0+idWrFE0m6Q6dS5d+o5ztUlGhnmJw+/0fZgIumWjw867vYDR3Hxdie5G8XYwsVYI
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame D8D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:33 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
c3fb23fb-9338-b761-9e29-a67286ee586a
/
kinesis.us-east-1.amazonaws.com/ Frame A740 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
81f4fc44df20e94813212c50d444db1a0cd067f080dd6f5da9b3076d03664328

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=3410a166615236dd8727843b375b279241f2d9b02134840110412abf497b96b7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
68c3ab0d8f6c06bbdb305113bfa281fa810d374bae91918c5fbf8a4f9f1bf54f
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092633Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
d9615c23-d07f-3313-84b3-d9aac5a9dc18
Content-Length
133
x-amz-id-2
LKg+ZlIxA0IgUJLGvBJeQGBayDVq7ExABpm8Fn3TbHFPZfTlCYG/NUqAHv65B1AgzZ+b30wylUro3ta8i3eQtfqx9xuUxOz/
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame A740 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=0&fver=90&imp=8278525682067731030&plid=2521236318193655889&pvid=3409479159542676851&fmtid=90&e=16&offsetX=0&offsetY=0&pvt=1700299588347&stime=1700299593488&etime=1700299593489&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame DEB4 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame DEB4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
62030
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame DEB4 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
62567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DEB4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
37943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:54:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 96BE 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42580
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfserve/ Frame 6063 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=67903448;rtbwp=806C8143FF24DF89;rtbdata=hr0tc4rGZKtBkPOZ4CyAqQiIR6h9G_dH0Qe5DpKDkTihj8DIp4vZlDRAlcaGQKf1KottOvZdx2ieJ9xSGafp5ZIohd0iHcHlq0I86wkOZ5r47_wGtAykz1_F168shqS56sztV9463nUK6FpHMkg1aJ9nofLwBviHe9hsTx5gWIzfHjlKoWIM7bxm-9bbr7k1GEbEH4l0xcnxR4cnqKPElcgoE-BgNjqVlLBmWJ6IOjRftqkaem0r5Z9rX14qzbssOf6xLZNG6FPuXFK4uqwgo614bYjQ2y0BC9fw_n_QWtWC4y3Pls7WAjaQopJ01OkwOuaDf_o-wm4gKQoJeufOeKIGF5b3gnf93_xcUB520rDSSFdHB1pKgTnba820HxKTEmBGrmdqXcmKpjMRdn3So8N4iOtIBxgX0;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2ffra2%2f0%2f7be6e088-f854-4d6f-ae55-35d46ebf8ca3%2f;js=1;adfxid=2x;9137;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffolkd.com
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c277fc413821b7ad289719a7b94ad1c7b3026c95f3a24b2a805cf759c69fe6ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2641
expires
-1
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 89BC 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42580
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F72D 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42580
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C9B3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7a84782fd15bc793210b48cdc7a4b44c79dee0332d237b711c4850e7025b5a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ev
ads.yieldmo.com/v000/t_tkr/ Frame B063 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=mrcv&imp=6114423632850686324&plid=2521236318193655889&pvid=3409479147974783662&fmtid=90&offsetX=0&offsetY=0&pvt=1700299586968&stime=1700299593742&etime=1700299593742&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=90%2C728
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
1dd86cb37e04b9e124ad93294217f54f1cf35b72d2bae1ed4846d9177a05c74c

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=79d774b35cd00d4c28431a37bc9d6a2718120c39eddaeb5a67f4782495370092
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
5b369939128fb2f39147d46c0153a9bae27c6f425ca6659ef31aa320d3410d40
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092633Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
c01cdb7f-89ce-5e50-9dce-5ef65fedf0fb
Content-Length
133
x-amz-id-2
pQjpjaWLhLcRNdEeLKgieREOfAnKqUpMTDyxNr6z5ShbAG5ODgNJi7OLft/GN3ph1gfyaKSsyJDJnI6s4c7DkpIaWKt9bf+t
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
c9949246-5212-7247-9446-17cf8431dcec
Pug
image2.pubmatic.com/AdServer/ Frame 7A56
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm&gdpr=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESEPQI7RhhaJHuf_tinkwX-uw&google_cver=1
42 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESEPQI7RhhaJHuf_tinkwX-uw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJriivoBMAE&v=APEucNU5b0Zee4cCYWyJcTJdx8lPvTEikcnR3fP5eTnJONaTD__xy3EpUTUKWy6GgJ65RUMzLt2N7SOy6_9ifPUcK_1O_BZItwyiIWuUyD1QgWywiN7HO6I
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 09:26:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESEPQI7RhhaJHuf_tinkwX-uw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
361
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7A56
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&gdpr=0&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_co...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzc5MzE2OTAtQUZFRC00OTcyLThFOTUtMDM1NzQzMkRGNDAz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJriivoBMAE&v=APEucNU5b0Zee4cCYWyJcTJdx8lPvTEikcnR3fP5eTnJONaTD__xy3EpUTUKWy6GgJ65RUMzLt2N7SOy6_9ifPUcK_1O_BZItwyiIWuUyD1QgWywiN7HO6I
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 18 Nov 2023 09:26:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
partners.tremorhub.com/ Frame 7A56
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
  • https://partners.tremorhub.com/sync?UIGL=CAESEGm5rVnV3awTQ2zO-Trmu5E&google_cver=1&gdpr=0
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEGm5rVnV3awTQ2zO-Trmu5E&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEL_Xk7MFGJriivoBMAE&v=APEucNU5b0Zee4cCYWyJcTJdx8lPvTEikcnR3fP5eTnJONaTD__xy3EpUTUKWy6GgJ65RUMzLt2N7SOy6_9ifPUcK_1O_BZItwyiIWuUyD1QgWywiN7HO6I
Protocol
H2
Server
3.221.35.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-35-16.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 18 Nov 2023 09:26:34 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEGm5rVnV3awTQ2zO-Trmu5E&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
294
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lp3uh30m&c=4076639824696142&e=31079673%2C31079657%2C31061691%2C31061692&ctx=1&met.9=1.1el~2.1hf~9.0~3_2.1jg~7_2.0~4_2.1vm~5_2.1vp~9.0~3_4.20z~7_4.0~9.0~9.0~9.0~9.0~9.0~9.0~9.0~9.0~9.0~3_6.37y~3_10.37y~3_15.37y~3_21.37y~3_28.37y~3_36.37y~3_45.37y~3_55.37y~3_66.37y~7_6.0~7_10.0~7_15.0~7_21.0~7_28.0~7_36.0~7_45.0~7_55.0~7_66.0~4_4.3b5~5_4.3bc~4_10.3kp~5_10.3ks~4_28.3lm~5_28.3lq~4_66.3mk~5_66.3mn~4_36.3nh~5_36.3ni~4_55.3nj~5_55.3np~4_15.3oh~5_15.3ok~4_45.3pm~5_45.3pp~4_21.46t~5_21.470~4_6.480~5_6.486~9.0~3_79.5k1~7_79.0~4_79.6jp~5_79.6jv&met.3=112.3fa_2&qqid.1=CLju28adzYIDFU9t4AodqiwKBQ&qqid.4=CKGsjcedzYIDFTUIVQgdZSsAkA&qqid.10=CJKJ4sedzYIDFQEr4AodgtIFsQ&qqid.28=CPSO4sedzYIDFU5H4AodaNUPMw&qqid.66=CK_d4sedzYIDFX0DVQgdmIMBpA&qqid.36=CKXG4cedzYIDFVAiVQgd-ccEDg&qqid.55=COW14sedzYIDFQQV4Aod6Y8C9g&qqid.15=CMmS4sedzYIDFZQUVQgdBcUICQ&qqid.45=CJjt4sedzYIDFZuL3godRhMAGQ&qqid.21=CIiQ4sedzYIDFY024AodHZ8FKw&qqid.6=CJv_4cedzYIDFUa4ewodX44Gxw&qqid.3=CKf-msmdzYIDFX0DVQgdmIMBpA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F05A 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42580
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
kinesis.us-east-1.amazonaws.com/ Frame 6391 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
416cc84a616af23a376fdbde89ab232ee577e14730465b2d50ccae0aa0be6499

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=503716a54049bd7b4f07df067a76c26d865be2929b16f91aa01ae640ee5d2b00
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
7472f5b3906c0d670492e42bf8addb08df46d755bf9ea4583913082a2e52798f
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092633Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:34 GMT
x-amzn-RequestId
eec46885-e7db-d65f-b316-ed0f97e5c6d5
Content-Length
133
x-amz-id-2
DXstVo5UFolQS83tGsOspKPgdqpvtkffsAUoB/ZNF2z0R38wXfvAR7Fiy+/md/QebrETkOZUkvHOLqKVuhgTBnaFAEhB6YT6
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:33 GMT
x-amzn-RequestId
c49cec67-9157-05b7-994e-69eee169153d
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C48E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
37943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:54:10 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDI5OTU5Mjg4OTUzNQogIHNlcnZlcl9pcDogMTM1Mzk2MjA2CiAgcHJvY2Vzc19pZDogMjY4NDY5NTcxOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame C48E 		0
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDI5OTU5Mjg4OTUzNQogIHNlcnZlcl9pcDogMTM1Mzk2MjA2CiAgcHJvY2Vzc19pZDogMjY4NDY5NTcxOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMDc1NzU4NjMyNTA4NzAzMzk3NgpkZWJ1Z19rZXk6IDExNTc2MTI1ODYyODE3MTc1MjkKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTE4IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIwNzA1NTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjYyNjc5MDIwOQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNTM3NjUzNwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x26e13718d5c598690000000000000000","13":"0xad37faa73ef679cd0000000000000000","14":"0x7d3a473191b0e0a30000000000000000","15":"0xd576cfd477a359070000000000000000"},"debug_key":"1157612586281717529","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"10757586325087033976"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad-choices.svg
static.yieldmo.com/images/ Frame B8EE 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Fri, 17 Nov 2023 12:35:59 GMT
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
75035
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
zAFAEjhCBkJIXGAXhGcRBvricEpqdVJj3gtoozKRb77Nj4cK4cbYjA==
truncated
/ Frame DEB4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30bafe40ccf71cd8cdafc5581e7890fda5a546f99a2da47796cb0bdb5b8b7b95

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FD3A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d866e48ac9d2656bddf3141b162149b3189273e25966d8faf6acbb39a6b84d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3b81v9135293448&_p=1700299584420&gcd=11l1l1l1l1&dma=0&cid=1211143656.1700299585&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1700299585&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&_s=2&tfd=9899
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
00c5c5b37f6c71ad480e3c3959eb93aa.jpg
indotoursadventures.com/public/storage/categories/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://indotoursadventures.com/public/storage/categories/00c5c5b37f6c71ad480e3c3959eb93aa.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.72.215.239 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
239.215.72.148.host.secureserver.net
Software
Apache /
Resource Hash
0227847b36c05f5f0b26af8ed48a6e114319dd955c1ef531bb1fc1a92d2ee200

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:34 GMT
Last-Modified
Fri, 17 Nov 2023 12:29:48 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1595786
ad-choices.svg
static.yieldmo.com/images/ Frame EEAE 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Fri, 17 Nov 2023 12:35:59 GMT
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
75035
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
MEXRYyWCOuvdtKu_O1B-WzQcfDqeu-XyBMRQYuFlvO8b2A35TJS_Gg==
ad-choices.svg
static.yieldmo.com/images/ Frame 8465 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Fri, 17 Nov 2023 12:35:59 GMT
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
75036
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
yEbjEPyigoSPXlDszuqfiIyxDqsWexmelLg2IgKbCYFcU3uMvlXS-g==
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 6391 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 6391 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
62031
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6391 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
62568
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6391 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
37944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:54:10 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame A740 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame A740 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
62031
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame A740 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
62568
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A740 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
37944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:54:10 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
3241e80b7b99491ba2cc7fa20c6e4949041dad7c3c88e17f8dffb8ae98fd4f42

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a01adf4ca8b450f7bfae1de8bfbbcc0d254107fc212701385197d2946fe8e5f7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
02a6a52d55988f55b2be79a06b39b8777fb545dcb4650f5c59b435d78a1200d0
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092634Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:34 GMT
x-amzn-RequestId
dc0149bf-e62e-0f8d-81d3-cc3596101f07
Content-Length
133
x-amz-id-2
7AbGp5plQBURBhQbJIGwz0cGBdIOvPyOvjeRr2+cGbmrKC/x3h59ZDDOxJnCuBNAZVVjv6aSC93RJSNFMPcZ9+V5G/6u22vM
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:34 GMT
x-amzn-RequestId
fef7a735-fbbe-f4ed-a325-22bf8b80e467
ad-choices.svg
static.yieldmo.com/images/ Frame 7DE7 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Fri, 17 Nov 2023 12:35:59 GMT
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
75036
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
ra919sCImGBQ0Zpq1V3CMcvZl9usfamGgQr-1J2dwAh87R0SMKvAWw==
khr4rmdzysvp
hal9000.redintelligence.net/zone/ Frame C48E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/khr4rmdzysvp?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUPJHRINYZYjeEI3tgAedvpbYApHB0Jtpg_WDktwP8C4QASDY1dgrYPWFyoHcBMgBCakCJmnHrA9Qsj6oAwHIA5sEqgSEAk_Q919VknfSk4xMJDnPPw_oIhF6zAQAwbbu3IfEsf-ZKafQN54Y5ecgcwZjuxnfuyetqdf_rN5bqcTJIVFMNdbex6vdErYaekmpfWNujcbviMwauLub8O-cj6oxjq7icH_16mfeQhp-Bc4xL6NMLfmWP2LjD7_2IzT9P29Qtt2KUOy-ABjglkpar_R7rMWU55E8IEe8zk_H6RQnlYvEmZ2dO8JUhTb0VzHfCyg-36oIKfVapDcfsmJS-XWxzkKFMjAQsgmemtUABZyVpdngQfMj8LqDJPIA2MCRNy8N-DRBpg4ilYxeh9TVIrNGdCPCBiUW8gAkF4PiuYcsG9UCkuCQ4TJgwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSOINEwjH_ODHnc2CAxWNNuAKHR2fBSuwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNMECdQHpAockj_sfYtw8J7O7o1wx6eYwkfbTkTNdhIC1OYdLfDCKeNe_W-tTB84KposwLBfg7vxgB%26sig%3DAOD64_2-jX5Kp5-u1R6ssr-LN4Z2fX4S9A%26client%3Dca-pub-3944954862316283%26dbm_c%3DAKAmf-BmSaBqkRkl2Krmhvon3ObJFsvvjH_k1r3FOuRLM4Q8FWY8bh-VJ8pUEAnxMylflQba6UfHP07QHm_4V5h8x3Eazn9oHVAybgkGoqQPbltLzaBmc-MHMIQ7Jfsw0ok2R2bcQSgI99J2Jggh_UgAR2Th-u3qoE5g_lNm7LAC8eSr1Mapm_I%26cry%3D1%26dbm_d%3DAKAmf-AtME_Rijpra4Cqk7jFY_9p-NPD-Vnfs6v7EqbrcRAImijtGPOACD0LueysCZVrnZbMIu5RgnGN8j036glrWRWxrpSl8Zqe4sx9hRZlFLnODAxyLvp3XNSVQIPROnOfFmq5tsPGmvDUCScmZTVqrZ2c7TEkCycFerSOawsngEBLh53EKS_VDyRq9oeLwuHbXbiu9OIHETaUv65SAHqRXvm3LbNCkCgxDSYFdHH2PW62RosfRyLIaW71g8Tw7u3c8HHAKjJsoolWiil5z_hfRdtO9CHqQc4YyIsFfDCkDKBH2SBk18vTxYnkjexxGMr4WS4S4RcuY3IClaakp1fSuvWFjbqBehKR_somPpgSNvC419yjrMDWipYSUPg_xpTcIgQkS5jJGGm7ErUYRkhffsvh4fZzdahpNVF74g6ha8UGKddq-e2MC_jqMaQfLgGbTVCG36tnb-ZFKwHrmfI_-fcvfHYcPkbkjOlm6klPIdsDMsdoMNEt3MCHYVrh0Bb1CGb5jaTh5EJh3LERl1mCwi_SogdlbP5tOCNC5ciOExaf6un3pKA%26adurl%3D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
741ccca2299b5025bd8aa5e0d79e267ec8b543b23a294f2ee2d054e67bf1ed33

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4168
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
/
kinesis.us-east-1.amazonaws.com/ Frame A740 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
caf76903fe30709f8e4c8f5946ab96c863bcefc4da8ab64dea54c883ea1d3e84

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=799d20913988f19ef57697d4f2e60aef65f2a8709f1557db9ea0654173329926
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
b2a6e8aa7b7e10d3a2d7272245ef24b236bfcc37e5513a5b116994a91946a5d1
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092634Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:34 GMT
x-amzn-RequestId
c5bba6a6-af02-257b-9869-232c79218bd0
Content-Length
133
x-amz-id-2
Cu/c0gp/QoMZAQSV9cBatoxVZRIn/Ldyc0QUEN8uQ1ecI3rzGqwnZ3NlTm7X70wDiBwA8wgMUoU/bjnUyVWBmTIhzjWqolm4
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:34 GMT
x-amzn-RequestId
d8cdda75-94b9-4442-851f-5fff429aeae9
truncated
/ Frame F7F0 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
549750530a92f022fa97ea084c8c567b8e64f53c4a61585e8acdf59942869b32

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A791 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42581
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6391 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363ece8c816f666dd2bf617134a1c8ef30537e73ebb32c5effd97936ef25099e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame DCD4 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 09:26:34 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6C1A 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42581
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B063 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ff82dec40aa2466d0c7a0ebf77cdc40c2d938ac6a32f36d825834513d2252fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame B13B 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 09:26:34 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1B3F 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42581
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A740 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19cbeb05baac849fb316f19a755fc1da294c6a4f0b37f409c11e4679508425b2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame FD3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstAQYwJlAH-7ZhhsV8xfNN6LcLlGgoKtLkcFuUGbUKZpAj0ckjAx9TkS9s1RHBiQIrPVxTRwR7PMVpFSPRh86oofh1riYnQ5ZB6B33y8fYttv9qdg_KjNoMi9l5LsFo_OjyVncS3OOfZWgR1tFZHBq7KMzpPVZdhoY8oBSd9eQUdW_KgZgVTpWutiKlq7mgRrnjd8JcZ9WEGpbZbDIrxZa0YXxD-I_1arb_bfH2vLgLhsY_81YXjWh8uOylijCexRk1KvpuKSrkdqq6W0vf2DMBbVwQfUb9fWUShlhZ2Th9-gxlGLJpfNHzveSHWea8sN0QMEg--Div7smiQKmP9num5Xr1lvbxR3MXhHfLHQtKTHeDDjG3JJ9F8O41_QvD8tEkZJguBhKXRGi3GwaYpdzLYPEpYHsEYAdu2gjVpgBuDbHwYSjRS5CMqchCKt-yW8TcYvd-7zIuOA_HVx5dhVSfIHydyrrn2-8t6E-7lOUXKqxG1vOxlrNS5fpt8zpUge2YC-NP9TufPmtDLblz7wR6VAeFAoL257K13pFrfWCuwyMvtMayNQJMq3iyXVSNTnAQJHJxL3KG3aHLOlyS9VCnQhPUE-64GJ2ZEIWe5z3LSzNUO8o2fUZW4Sm50vkGTNtloCbp8XARaNWGNDbx07VhER7qMUdOtfP1fWA67yQwBisOC2tFvIWeiei3uuNJuDih7U840dVWhz-afOYyohDwT85O2bi6x_mB8n6CFLgmZueYZgs7QGd1qRli3azQct4pvv_GnVDDntCb7EMf0oKHo-fPCsz9D7eH-QJHQHPDn21zTclyE8rp02CUQXWD0ktFSWqj7c1OsLQqiUgSsmsiIoLjHmjyfA0U7qicX7pyQxf_5Kc1E_YOhgxAGio4iuyhNXbVPfagjn-8vClkz9ZLIRXiDRQs0mxQkss2KTe4l47yPvmT0oLdSlPvCVkk8Y-RzrK-dYFx7TACU8DOXOcWSP3zTl3MtULfxVyM7bElVz2eyyFugCAP7xZFUI7SR7steCW9lbCmBijLgipnVPztqXZY4IHC2b_kfTjIbJhHAKGKKpU1CsxXQNI-Wdzfe69HRfx_8a88aqTsfXKDicUNqeJ1KsNQwt8rxmaHjUGDzM2HwIq_hoBw-0WCL_EEEEKIoLBBmVWObLGdzz7SoPrYBvO6i-Ymnft4IQq4iG21mSTKP9riWdP6bPnihXx_TdpLdqjDN8yAu1jRQDwOkwGk1pRSG6C7nlC4ZhG3nXB72ytrPMDLnvA4yPkQVFj1k2jj3JUubDfvSdgspR6E2BGXJkPv4hQxTnNOz6v2V__-Q6dZemNsnixEqEJkXCna_N0qPxm-dD1nCYydtv4y8bnfjKDqgzaqzLfx4bmC2_ejQkbrdxBraiGbTaminDf1oJqWSFg0Owqtdovoj5ao6p8jKusU4TMyEDTPwUBuCNcFqW-0EsS2&sai=AMfl-YQqXi-jaaRoQeeV-HvuWDZC-mGMu_lecxvmBqZlD-Ypu03TcG-HFDbDtg9eGO83KWyu6DsUCjB5LDelIwCzhmB8AvGaXyFcbsdMYuDokmSHJzVCngpxBnSYQ2coANKRJfkAQkLHKIPz53RLvZj-9AvO0zq-vDWozOgs7Y3BQHmTvGip6gk4z1NZpQe0C_eMuRJ8VSKhTJVqmo1_ejuIF1NEDmNxeXG1fkpzJP4xdyPVT7_j_f4ratCw4o2hu8d5WWmRpj_hU_w5iGTD5W55ZQ&sig=Cg0ArKJSzLV7eRkqq0X-EAE&uach_m=[UACH]&pr=67:0.119843&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1613&cbvp=1&cisv=r20231109.47346&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 18 Nov 2023 09:26:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
16413251920761157135
s0.2mdn.net/simgad/ Frame FD3A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16413251920761157135
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
512bd35e41436af9a61145ade5729184acda48c2be02a1365f3942720b0ab1d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:14:25 GMT
x-content-type-options
nosniff
age
61930
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10969
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 12:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 16:14:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F7F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSZFh9c4kuAxdu4yCQoAVZImofgmhiZxbyeKq86CN0mI-hYSjeOE03L5Vkjo65B9u1Yv0EXRBNEqOMaFjxy1t1in3ZyPGuigo3Znkr90GVWV1wN_btsVXB9s47Dy5YA5MR6fEgy_dXkuojayQ0XKO95MyzeKHi2TN2NMoa3OnD03de5Jmpd3DiX4c52XryZToM_UepWY2DkpFhrGPG9-JdRfdcs4IOmQHwWdJ3Nr5YU2EmoyttvfUAUwutV0gutlwA26-Uhoj9jAm6OdzwaKigOSXqRsqr8zyzPhGYL8ZoexG35Azaj3Z_qFfA5oJEe5aKdC_85Jz2TidHHKGCe93fBnMZFaqLcIGTNTDiEFG59TvMfMRqTBqxWH0YCI2wjKvtnuxpWQgKuWPlz2zF2yEyPd9-5rNASXWdAPLCGsSK6otzec5Pgc9KMU5RoQdjl4lQr-UC7WyvaFTDoVkjWF4UxiVI6z09OduuGBQ5btqG-Tdfenx4nXeRw544kxDfDI7ewlqfqntk26raG0krQcFZV7RF9Mrl9HZWHGyAj7-LuJNJvs6NctQNXYxOD25RzgB7RC5gCXy3zgxEuXlleSxxbaUT2Zat_bz5tFthb8648N98WYxp2UzU6S3PsrY1_Qbq-qioUiJ3d3T2mVz8Yc-U0wNsyDDPfhpKq3hIIjx3xyPFkCHdhKngBHES-1xj1Pn8ftJthHz-uOQ_5-LrRibN_5X-hq6ndls1NRz4WbZ0lV1m5yuedqLSxugI0w-ZlUjoFfzTzDBGD65l3fWHGUWTu7_2okZkNJIcx9yLFCgjafkHt3uZLIPpdENFhXuxFh2cCapQJhy1vIdfRyGsh9-c9OmnQrsICipSzfTysPxXfo8zsZaZCRk7wmSYIGbmtjcmvZ9w3dAiAmhoXXfpndp2BxtoFWatyWo-e6chRBwXfVD4psMHUtl3VX5lOrZ6aGuCsuxuYfj8znkTnztLWE9MWZ5b-8QQPLoPEBANyPlm0upfDx3A9YR7YIbcQZYrl1Kzp1GxgFkcJ15k6D5Mdjwheq9BtdfCFpyDSGSrA55JkvUReW_67yYyBorfKmBIzYZ0umwIK92Ar1KlGQKpBn51j89IjKcoJBv3ijvwlAuugvDwsz7dXI1BZukHzzwUt1Urzezu6Z7lTZWjdVzOfs3OJ_be48r6athJSmi_NJibgi86X10TobY58dIV7ycHf62PJ308dzYHqJeaQOYGhAu19B2RGPUuJanDKGuAuVFS04CJr1MaXhDteuHaRyDiSoo3Pam6a7O-jsQ63OB_RNOo5WkG17HV_v22_m_ZPmoLoS8mUn4_RyL9bXeGxJXT4my6lLpoZzfITM5y3SiKhGYqZqBR8KEteCBU_gqiIs7OmhU3HEbwA802W0ZwlB_9b25sHdlsnJ9WRF5siilZ62bmFiy5UQTrRprouh7JfQ&sai=AMfl-YQjF89dXy2ZE1nRuxuUPwLClstT0OYvJZYnQknGIcOS-v3Fv5mI5gQQJNYPanNsgJ0pn0WgX7fRTeIrRFsicy6faJbpfvFjcgOSsKiNq9dWRZLbG7GdJ4vG0l3E3WAC9UHijsoiBTOCbEVmv3NZa7-yL7xywMRo03UIAQCs8KypKExWrgwtt49PYVjVwC8Bgb8q_N7oZjsrKs1vEkJML9nd1ozkv7Uya-UCec4xtShYkwwReJZCKAkYJGDL3IgFCkwLLn4y9CRzTPAk4hzGwg&sig=Cg0ArKJSzCtEI7KiHx3ZEAE&uach_m=[UACH]&pr=67:0.119843&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1532&cbvp=1&cisv=r20231109.88894&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 18 Nov 2023 09:26:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
3987323534869999900
s0.2mdn.net/simgad/ Frame F7F0 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3987323534869999900
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
81e4ef1f48ace427c6c0c1d2163dc5199e0c6e61fabafc20290daca301bbb24d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 15:20:19 GMT
x-content-type-options
nosniff
age
65176
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13198
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 12:01:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 15:20:19 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C9B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1JvOLCUwiVw5PxZIlPYFDNRJM7_QpjhsuFwxABXz0AAusS6ibkgIRVQNurOU6AlEm60GxXTtfrTWnaNaAUOwu2sOPZVQ8oxi8-0e2ZTSp6YP5f0Lqxfo722kq8cie8KmFmVQxFgDEyKEzX3fL0dZPYzfNjuDnW_1RtxmtCHwIR0PdaLxLvhDJ4a1uaRSNs-j6ZnEXchVl53Yxnd9qV5vLiF3ymGlBVhu34NreH3Npt8QDAaTuXl9408IKVmHx3-A_hacj96St-QNIAZbtU_hP_EUENxxqPDQSOcseg7ePebuOKCA7RwqOyjN9tBXOKzCI7fjDSizG_Kaj9ehDBuJnFnvhicNyVYGV8ntpa0x6By8Hi_HpncRPD5kVTev54kCAiP_YfRccLWwSxrsZEhm_sTSL4AtaJScXtGvQ7owZZRAxrJwgKbl_agTQjudQSbN1HOizPJwdPAuC6mfxLFwUd78ypN9nJ3ZLfD_63UnRxYnJ4zvYtLrnouT6eIV4xz9oQk3gHowoIRe5s6rmUB4YLOUItxppVL1yIM5PQ3ym6X-quWFlsSRclvTBh10fQ9ilzYXpgOtxVnzAowWwYob0YXMvBQZp2568PEmP_cDQv3D5ibj8c_R2YNfuHXBwc0t5DWZ-vAcRYmPRWixKDJHhvZBhNTLI7mt4DFYrANa1dIU9dcz4EcAIiGShYJEA386vnI3-LeA3biuGMp_oFrnzuXGiC0TsALlQbni9F-eSf7PEHBysgijWEvsw7Mb4AmXHZ26yQgqH0VTdhP4t-HGhtXM3lOVtQQ7nCF2gKctGy39iIQAJa2XpASb347Usn7EYO7u6bOL3h4aL-xr9hPfs6nz8kaTLaqkIIIYeoo7M-__KtcZcnWCDX8Eg0F29tC6PSJhEphiWjoWbtI4YLaquW24-KWaRWzr1DQ-KYNgurdzWjB6QfBq4eMdhU55Cyw-dpRlHDRvwxEpaEHrs6KYyqBg5Efx2aU4ZWL9FIh-3vJSGL-9I0hQ4kl6NaN1hTwWeVNfx_Ouubfj4h4WOZdHdecCdjQ930G_Ye8H7Rz0mxmnm65WFW2qj-YrWgEPeoSYJ8BAIVPuO7gpalpP-dHWKxtCFdUi5w_qVkMBcSVWRXGjm2bx8KRYUkPc9mqUok2E4FPH3T4H1FeXxOG4itlmTEBkBuQ_CjjShsCBv-_sZAY0rRO1Lxp-VRY3nOKBHFPaKRUlmnrco1LB95DHEHM5PisrxCrVlSQdx2h3GEJ3R6SARf3rQTXbe4XEnkaZI5IMqyho67oW7dck0fz_uRyd-APsVElEqFXUxX7C6LEsnIcQn8CKfoY0ZkMiNi0E6QDsHfklyHvgNJuHDx0lukQSJ64LyNtfa8MFb7ceswRg9q9YNx0hUSyAwCk-bX14wbl2VtfeyoBEQfrJyt3k06Q_XBYpMDYWWOMoJZniyC6FJyWFzIlmj&sai=AMfl-YTAjo-tt1K1ZqEz5P9GC1pGy8ssW5FZR3BwjEGeHjkaPLhTWML5Ql1rlcJ3c5i0t7d3MxwcmclqK2qWwtfqHH_8TtVeZM6gkoUOaTNdn9gQoEQgo8znJXUIpUeAXAsBw20G8eXqR9uARp83R9fmDj_qVxgdDbN8l23WPjk6bkSUjDTYIfrWpDLrNwtqsWP7tSJu3Cl_CJrEAu6442nFYczy_R40Yi79Nq-pbYnyTsaIvCcRAeWibkqwp2zNw-qy4Z1jBn9yJrE6-iBSEwLcYA&sig=Cg0ArKJSzDroAVUcNdRGEAE&uach_m=[UACH]&pr=67:0.136704&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1448&cbvp=1&cisv=r20231109.51945&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 18 Nov 2023 09:26:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
9504452026646950015
s0.2mdn.net/simgad/ Frame C9B3 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9504452026646950015
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
a2d0f6ddb61cf9ca595257ef522206f6a7d882396576373f1e222f5391fef812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:21:30 GMT
x-content-type-options
nosniff
age
234305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14634
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 12:02:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:21:30 GMT
rid
matchadsrvr.yieldmo.com/track/ Frame AFD5 		49 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-80.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:33 GMT
via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 12:52:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
2
etag
"674119d7f4205900ae84d7ee55ced021"
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
x-cache
Error from cloudfront
access-control-allow-credentials
true
content-length
49
x-amz-cf-id
F2vodRSBKDv4nedo6eJ0NWnrlgch7WZyvUSKQ--f-mu1GGnm4FKAcg==
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:34 GMT
x-amzn-RequestId
db906d06-4e14-cfad-8642-e88c98376106
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
dbcc509a0c32d41e1827b8accd1ea8df3e53f7a3068ae8900271769805c6c688

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0d4a03d6c38717d24b1480fb5b33623e9e2296377a006cc79f993010c04485a2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
ff92080db3f2878aa66233287b234105ea774f4c25c3499aea56ffe10aa1080f
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092634Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:34 GMT
x-amzn-RequestId
cdea783d-ca7d-5722-9038-fdb71c5ef989
Content-Length
133
x-amz-id-2
xwkevCIun3dRG9fXLLoXkHfCXmvWDjN6WgC1KyyIIaPKyFHsSui+rjznqAqKgYRw1IKUOJnSr9XPEScf8cxaIaLoyDHgbJAP
Content-Type
application/x-amz-json-1.1
ymcas
ads.yieldmo.com/ Frame 5E39 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:34 GMT
pragma
no-cache
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:34 GMT
x-amzn-RequestId
e2df19e0-09c1-173f-bf0d-9c6a79ff07b5
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
02d94faca3d14702a218b665b80e959d6e1ff1855af8e19f18828b28a176572c

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e8418b7f41c21cfba38937a7b7683d6acba05bf3766ec226889a6aa01811ebcf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
b3a509fe6f205b43c8127b1643439b79a2a5cd7bba75160210cbfd6fc56b3703
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092634Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:34 GMT
x-amzn-RequestId
fdb25c29-3a35-21c8-a060-d9a34a0b3142
Content-Length
133
x-amz-id-2
L7AAhQBGLEuWM8aZ1z3JeY/lmCFZq0Laq70YqVSB7wnJbIdcIgn8pF0ahY2RgTU9+PBqgKVX9W3KKWHUV7B8W0VxuuzOXYxm
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame AFD5 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=0&fver=90&imp=6421225417988955068&plid=2521236318193655889&pvid=3409479185010479232&fmtid=90&e=16&offsetX=0&offsetY=0&pvt=1700299591383&stime=1700299594614&etime=1700299594615&viewportHeight=600&viewportWidth=300&adSlotLeft=0%2C0&adSlotRight=600%2C300
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame B063 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:34 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
16413251920761157135
s0.2mdn.net/simgad/ Frame DEB4 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16413251920761157135
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
512bd35e41436af9a61145ade5729184acda48c2be02a1365f3942720b0ab1d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:14:25 GMT
x-content-type-options
nosniff
age
61930
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10969
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 12:04:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 16:14:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DEB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_QgcUN2jR2qbIRGxnTF4CtpFZKIHAdHmYvxt01NHAD6VI3px1_9FomKfbkP4_cwZyufH_X608TmIEfVqXH-k9HSA1nX6UTp-S6jDHDKW2szrFJG1iCplBAsm5FkpCH80O2Tu8agDlB9I56rjEP2k9PGlwcmQtRX7vt6H1udLTCe9PYnQybAV41KCLEyiZZfeeDDMsPop0Pe9sWVFmAjNHj4ys7fe0GIl0KkMsw1ZZwifsmQ7LKMQQ40pmyApFA4pieHYAGQ_4Fvh1xi8tNN4Pb6we58GW5O_0cWH63yu5_PYxYntp696vPJij1FCIcPBuGQ7totec_-qIo3bt3gHWJnYwezL1AaD_iBBgMjEAL-f4co4WnnhHnOdRcpRVLjdG0O4QqMxCg3MjZHQr63G7HcFM4Tg5RkvMQ_GS95aq3WmmM07RVim6sBhjbYNhhX9q2wAuzFnQzrQscdEUIKnM5yxOlhk_D5ZZLA_FN8Ojf5HMQNQ0CUs5S87grCm-doBZiKtQ8AKi6Keh8fCS0WDmy-bE6g1tJnU0juodpjXDhLgs_JQ5Uy4jd3lstSd1OYYucQLWFphINjE7Mis3TuukR-4GSIJysbNq6Q87K3HjVAOKJHXn4krczm3LIJDKdu6kAb3d8aMBB0LB0myFZJ60giL--ustnxwaqfxSTEm6ocshjCqU-mLo6ZCBGUY6-fwojGjTEY6nn5SJGcqdAe9UJ4LjpCV50RZmJKQxwAUzD6HwSRgW2MUWnObz5SIjSkGReTUGqaa1eJB72HO-DcbQcPBMHGEciDYa7bC0_lxL2XiqAyt235BRu9-5U_M2ILR0AzADF310qCFRXhdD-dgo3qj0UBnpeG2vla5Au6327sFi0cPunmVkSh17ICASCqXq3WRYRjgy3eFX03WeDtYZYG3qlsxn6ztcx4QmhV4rUBwTiazCfEskXyeJQE7XI51XPkcXLDn_DsdAm6sLH44G9yDM61F38WxLVhBZ375KBdLnd-4z4czsNy5Ar-AkdJjtYEz9XByMEeC-91Not5gV0EOvLVg3rFdiburgePb80eNn-txoUahrkq-l2wl9eIZ-ISa7Cgtl1R_3yd15by7dFUttZ2PeBF5gbt-aykAb1QLqQQL4e0EOPXRANsWLCUhCmSfL7AyNS_G9P1_eFguSvmdWUlfEsGMT6u-IGZW9yBcILvBTAAwaASQ5qHiKKXhDqQpPMfTWaOdmbdZNNDALUPEZ6LEJFcbCiSxpY5oUZtyh7ItLFaB-Zp_D0O-MVPpm-sTLraTsxtVxz1qHGt3nMFjFLOoO7pSSJnUzvr00L9FbfSoePwdi5oLlJo5s3FRVES3_x4TNlVCYzxdnadg1DS8Pa4Pn8CDpHIV1pF-cAneUvQAX7RNTAAIyHH3mo6IXWSTbSnBDGIfenDcRycPPOEqAi5OHEy6BwgokyXZ1GMCzE5k3XQ&sai=AMfl-YQmStbgj298iCaXnwj25t4ythrDPwKDFEsr22stG70XXTX_zp14UgCm-XK_s8wwES51U9NIdkEDgOJmD_DHARHET65JV2mFRRGG2jv2nucpkiHDcyylZjw_qh6e1ONpuXj2qJ4I_JuFj8xBY290_mHPbXSLpe99_YdVxdcsRX83WQiOVTgVPF3Rwa5AEM95b7cX3IgnhHGpl2kavI_WYykLhzu-149vnAi7tWs2orRtzV3hs2JuX0WEALvtzhok4Dm65DaA8MWBGGaRUl6uUA&sig=Cg0ArKJSzGQzfOfQp9-1EAE&uach_m=%5BUACH%5D&pr=67:0.119843&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1069&cbvp=1&cisv=r20231109.45658&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 18 Nov 2023 09:26:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 96BE
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENBEHDh0raE0Y77ecHs4djE&google_cver=1&google_push=AXcoOmTy1qLBjsdcLC3RETYz4X_74DnMoCUeC8CrpP3gHshQh0G1ISCGQoPjeEVEp3q2UkYUBWSWm2-Bnu2r9BRs8LmZmfj...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESENBEHDh0raE0Y77ecHs4djE&google_cver=1&google_push=AXcoOmTy1qLBjsdcLC3RETYz4X_74DnMoCUeC8CrpP3gHshQh0G1ISCGQoPjeEVEp3q2UkYUBWSWm2-Bnu2r9BRs8LmZm...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTy1qLBjsdcLC3RETYz4X_74DnMoCUeC8CrpP3gHshQh0G1ISCGQoPjeEVEp3q2UkYUBWSWm2-Bnu2r9BRs8LmZmfjIPugifw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTy1qLBjsdcLC3RETYz4X_74DnMoCUeC8CrpP3gHshQh0G1ISCGQoPjeEVEp3q2UkYUBWSWm2-Bnu2r9BRs8LmZmfjIPugifw
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTy1qLBjsdcLC3RETYz4X_74DnMoCUeC8CrpP3gHshQh0G1ISCGQoPjeEVEp3q2UkYUBWSWm2-Bnu2r9BRs8LmZmfjIPugifw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 96BE
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMmFmAcRjOzs6nRuw_7GY58&google_cver=1&google_push=AXcoOmQqD8CXMUKgv7YhDIJIFt_RxWL5FL6QpzXSnvnIUnD6Xy2OjynZKVFoQF07lNnZJw3TMHdz3GCPxniEc3PPEGZ-pqpLoWG7
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQqD8CXMUKgv7YhDIJIFt_RxWL5FL6QpzXSnvnIUnD6Xy2OjynZKVFoQF07lNnZJw3TMHdz3GCPxniEc3PPEGZ-pqpLoWG7&google_hm=lPpImljajrWp3gsfov-k0g==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQqD8CXMUKgv7YhDIJIFt_RxWL5FL6QpzXSnvnIUnD6Xy2OjynZKVFoQF07lNnZJw3TMHdz3GCPxniEc3PPEGZ-pqpLoWG7&google_hm=lPpImljajrWp3gsfov-k0g==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQqD8CXMUKgv7YhDIJIFt_RxWL5FL6QpzXSnvnIUnD6Xy2OjynZKVFoQF07lNnZJw3TMHdz3GCPxniEc3PPEGZ-pqpLoWG7&google_hm=lPpImljajrWp3gsfov-k0g==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
pixel
cm.g.doubleclick.net/ Frame 96BE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKtHDjLbEaYfQ-uknYEcsx0&google_cver=1&google_push=AXcoOmTCWCcsnuRin-SBSnDDOV_jlPE3lqv_70yZi3tqB1WukfAhpFUbwxAh98dEn2WrAz6zgS4aGAnHIDScP...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKtHDjLbEaYfQ-uknYEcsx0&google_push=AXcoOmTCWCcsnuRin-SBSnDDOV_jlPE3lqv_70yZi3tqB1WukfAhpFUbwxAh98dEn2WrAz6zgS4aGAnHIDScP...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTCWCcsnuRin-SBSnDDOV_jlPE3lqv_70yZi3tqB1WukfAhpFUbwxAh98dEn2WrAz6zgS4aGAnHIDScPWh-lORwpBCJuT53&google_hm=OXBzTVp5WmdXUkJxaEw2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTCWCcsnuRin-SBSnDDOV_jlPE3lqv_70yZi3tqB1WukfAhpFUbwxAh98dEn2WrAz6zgS4aGAnHIDScPWh-lORwpBCJuT53&google_hm=OXBzTVp5WmdXUkJxaEw2NHo5bGg=
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:34 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTCWCcsnuRin-SBSnDDOV_jlPE3lqv_70yZi3tqB1WukfAhpFUbwxAh98dEn2WrAz6zgS4aGAnHIDScPWh-lORwpBCJuT53&google_hm=OXBzTVp5WmdXUkJxaEw2NHo5bGg=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
0.gif
id5-sync.com/i/495/ Frame 96BE
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESENXWFYm1fltxLvD4-wOG8AY&google_cver=1&google_push=AXcoOmSuD8H-O_yp4Bfo54sqFtq94XB7DKOMNAKHY7eVR1muiR9D25sPecIxBzZ52Jga1rBTtmpCdaAR8zYkd9EeOVYv_qLrCq8JAIQ
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSuD8H-O_yp4Bfo54sqFtq94XB7DKOMNAKHY7eVR1mu...
43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSuD8H-O_yp4Bfo54sqFtq94XB7DKOMNAKHY7eVR1muiR9D25sPecIxBzZ52Jga1rBTtmpCdaAR8zYkd9EeOVYv_qLrCq8JAIQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 18 Nov 2023 09:26:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Sat, 18 Nov 2023 09:26:35 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSuD8H-O_yp4Bfo54sqFtq94XB7DKOMNAKHY7eVR1muiR9D25sPecIxBzZ52Jga1rBTtmpCdaAR8zYkd9EeOVYv_qLrCq8JAIQ
x-download-options
noopen
vary
Accept
content-length
274
x-xss-protection
0
spacer.gif
an.yandex.ru/resource/ Frame 96BE
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEAwBoCsGQhD4qcMMpnB2LFg?ext-param=AXcoOmRhEeRCktnruh8RlzV1RajhJ1IU1bOeqHlzgDyHrNSVRDwsn_uoLbXeIJ9xJ9kpVRce265ULko8WL1AH6k5gCSZn3XXR94Tfmg&partner-tag=yandex_a...
  • https://an.yandex.ru/mapuid/google/CAESEAwBoCsGQhD4qcMMpnB2LFg?redir-setuniq=1&ext-param=AXcoOmRhEeRCktnruh8RlzV1RajhJ1IU1bOeqHlzgDyHrNSVRDwsn_uoLbXeIJ9xJ9kpVRce265ULko8WL1AH6k5gCSZn3XXR94Tfmg&part...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAwBoCsGQhD4qcMMpnB2LFg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
87.250.250.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 02 Nov 2024 09:26:35 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 96BE
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEJkAPqh_G8yp9t2icYv_zqM&google_cver=1&google_push=AXcoOmRTrkD4ErB53OgvKhugLxiyd2icQZiigBkw7sNCt8zRAe0iIohFAMqMMhrXCLpnU1XYmkhiGbfTOo3Lo-HxDuzdV_LMr...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRTrkD4ErB53OgvKhugLxiyd2icQZiigBkw7sNCt8zRAe0iIohFAMqMMhrXCLpnU1XYmkhiGbfTOo3Lo-HxDuzdV_LMrGIsues&google_hm=f34e969978f...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRTrkD4ErB53OgvKhugLxiyd2icQZiigBkw7sNCt8zRAe0iIohFAMqMMhrXCLpnU1XYmkhiGbfTOo3Lo-HxDuzdV_LMrGIsues&google_hm=f34e969978f0b1271f9ug100lp3uh84f
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRTrkD4ErB53OgvKhugLxiyd2icQZiigBkw7sNCt8zRAe0iIohFAMqMMhrXCLpnU1XYmkhiGbfTOo3Lo-HxDuzdV_LMrGIsues&google_hm=f34e969978f0b1271f9ug100lp3uh84f
date
Sat, 18 Nov 2023 09:26:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 96BE
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEHl7i_e6y5Q_P3f2WwCu4jM&google_cver=1&google_push=AXcoOmTr9NvG_AdwO3zEEwXwxeT5e4krWq9wWEsI320CRGzb1X35hBXc2M7qusxd6Cx...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTr9NvG_AdwO3zEEwXwxeT5e4krWq9wWEsI320CRGzb1X35hBXc2M7qusxd6Cxf5T489kmVUID-XJxeX3ROS0XBbysSWaUUFvI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTr9NvG_AdwO3zEEwXwxeT5e4krWq9wWEsI320CRGzb1X35hBXc2M7qusxd6Cxf5T489kmVUID-XJxeX3ROS0XBbysSWaUUFvI
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
99ba177c.225a599
date
Sat, 18 Nov 2023 09:26:34 GMT
x-bytefaas-request-id
202311180926344E594D7CCE17DCD5E511
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-206-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time
93,23.54.206.6
server-timing
cdn-cache; desc=MISS, edge; dur=86, origin; dur=7, inner; dur=4
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202311180926344E594D7CCE17DCD5E511
x-cache-remote
TCP_MISS from a23-58-124-68.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTr9NvG_AdwO3zEEwXwxeT5e4krWq9wWEsI320CRGzb1X35hBXc2M7qusxd6Cxf5T489kmVUID-XJxeX3ROS0XBbysSWaUUFvI
x-bytefaas-execution-duration
3.13
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
012c3080230e230a6052f2575cfefdef7a841de55693e364f4a82de095b9c558fec8250a32f15fabe2960533cab9c22fc0eb1f2cf659e7759a05a34b1afa16098928d4ac2e7bc84ffb37a5d23639ca4ab45c20dca01fe9a985f37822a3a61d2aa0eab57a19f43e000814e5d2c09029aa54
x-origin-response-time
7,23.58.124.68
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sat, 18 Nov 2023 09:26:34 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 96BE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCdFQRypZE_gEYguMyMWcjG93VaM6S0XOCs9838-gx4JQUOvIlN1siUHQAxnxIvHyMOc1t-fQCjA
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ad-choices.svg
static.yieldmo.com/images/ Frame 08C9 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Fri, 17 Nov 2023 12:35:59 GMT
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
75036
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
nxgHdGdNkT-iMyABWoMbuchaMm1Q5WfTLaAYJASI1q9ygZ6vVqD-2A==
ad-choices.svg
static.yieldmo.com/images/ Frame 8CF3 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Fri, 17 Nov 2023 12:35:59 GMT
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
75036
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
ZsN1Wuy2OaHpfczcWNQj5G6ENve2gJo8DuO61WtMWjle9btVOGYq9A==
ad-choices.svg
static.yieldmo.com/images/ Frame E5BB 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Fri, 17 Nov 2023 12:35:59 GMT
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
75036
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
Bn5_ZQRXMzsxHzUSNnBcj7A3EdLo2EGNZ1BvlXzhSR--woQETevO1A==
gen_204
pagead2.googlesyndication.com/pagead/ Frame AFD5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5114258070921&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AFD5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5114258070921&version=m202309260101&ct=76&x=8&cor=14718532397188905000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AFD5 		93 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B18sowKG7ti5WCVPle2G07FEXc4gRLhv3x7hQ5q8bB-XHAS90uQutI0QnUq1Lr2uHlF3vDBaBXvfNE7VfXCuMz0wg9N0IAaO3avJ-iKuZzdVIQet_Gtp51urc9R2EYphLaOSr2LsXkj4exQHDRIMlvlhjbPWBsRDwQYnZDGN5czeUfQeI&dbm_d=AKAmf-DX-Gb-ytvrAd7-Pd1-A874ZjFJRmACHoEdYBwBOwjG7hccJty1yV7o2Abd7i_gQRnpk1dEWQeyYgggEU1URs7e5C6vugpZm31NAK2NmL_NGT9xXADQchR_HeGkuzw_VxMzDHpRpTA7SS8GIh3hEpBkcgiZAJIPkSOfErUzufo45Kv2iuVBrQPKH2xO0tSnIM3DOAh8g4IYpiUaKNID55U_l7jRtMmAp_2vPiBlt79MZADYn1FhUK2IseJz9x7ZW-O8VWDRpruFCfhD1-5xCDHLKqWf2KCDlRExwLg5x1ktnrmocd59Eiqwh5uABgNeYpCZw5qvsT_ZoZU3JMKrlatbtL3DAinfWZUdBNyjKW8rihe5ZURNK_3S4usqz11zLdNmbF07QqepmjlV9oFoWahpAzf8ffC3aSZQm1JW_QfadNHB49GdP7l83lRKuI_LQ8yCzZC2F82vZ76wuCe6NF-nB_2BRkHGILZq_2k7doGP4vlyLK42HNb1YupntfSkSXgUQHAI4IhZsjjSRlwuuDsU9R-HDwtsgU7hOVUtx1zOkojLIBpDkpTeN3PhJZltARGObDXYqevwT4xQxG75rZVcvmcTa9u6Y-6kVsHrJYXHPEQ6QRiRgKVgjDNdQ-tGJwidgsiehSU7KIJD8Nwv9HMDQ5vLu4qchQlD5UWgtGe0g-EPH9CPRlWg92a15M5a0ULPojyrhPGQAdO4jFKj6Xtv3_p4l_tEBLWk6a7JU__Yr2UEwMEaoqYqShhwHtEa-u0tlz0wC1myh7_eEZVuBErFkFKYrTNVV3Z6wbzefIrYsF2u2YXVHaSumRBv6-Zy4pJTLs5kzDxp6g5G7AtZG8tmCBOPoKoP0icwbRimE5M1J5Pg3MGwsNrzvJcCt-wKSm84tv1EWNo-RNewyery1Ia0jEhYN9bp6GJE4vtgMWZ26bdkrgcJ4ORUIPMK-rOyHLf33h0lOy-Ia2TXNq-KTIJzhgoCRI_qUrcgkNWvw6J5JKNEd_RMQfHWoN4J15UpVzweNtLtYM-i7NSylK4jqrjXK1hPt15MRDhr_Ur4QXZXxy6hLmnjU-oLpItssK_Yu11Iaa1j6Tv_b37urXGoV87GigcrJyHgyBySRgF1MHb57Uo0EPjVdLcJj6r_uJSyhWWwXi4KNpZuozUKnKHfpa6iv0iSjPglmfC0skLRmARIV-tVUtRxENk79lmWtPPlcYwlXZ2OiwPhbOcL-XbI0EEpCznOAxhA_83FYTDNxj1QbqTiBm1otcKNZjYvjU6LGc732IYKqZKuz-poPC58Vgg8RIt6lbt14jP8cijsVtLnad7rjeYPaYZAzS6wfP826Q7vPBLlSLvBPStJ6tKmdTrgGr9789_IVBJNZUSacRec8RMnsEpaZwhwbclUEgpQfwDf02IZhVzoGFOWHpt8S95nYiNdNA8DAMdBcObD3C66iaG-HP3w09ZqY4T7eHANgurhdE6ixk2v7BfplYXoYnorpgNbGfhFcIWDSxPD_yBBCnsYnl2yZteAC3RXw8jaGvQCR3htH0Zfz3saYs0pwQrcBiPUUbNcCm6kk5IycSskoQNsEkr76kRtz_NSeQOsasdrC5OojaFYqwpYwR3GSXZ53411pQC1_0gtEDXESgyfVsNYi9bvvFaAzXG1BSU5vZ3BIGLbKyC2IttVhgavbvDpNWynQ4Wpg-uHy3x6DFYLHxxxDq5L9nkC8Q-zmSR0kzxto8QVbtOcnKFjm-rEOM_A_m3mmQhsnFY1MQNhPCdkZp8HR7GqycXZQbuaWLDSR1d_ePK8Q2IPWIXC7zon-ro4eI8I2hGNXVvMGrNb1_io3HZcPbM_OajF5E8VEuJAm19AhvNnn6dlKwo5mPEGQHhSttwHVWAtUsEIxUuKpsFrbWgEn9lcwlAKCHO7IyXS02waKJr1QoG5qCugfpDkAl7qFVDgXehbWEgfk7Pqh_ekMvX-CukaGpuKqZR1CfsWb30DH3c2O4fIp-wdrOc2PyCzk05pxwJHGAO94-73gvLw-FgXwfX94CfR2H01BjAyB2AaowqFM3gX5eCpBJphBIFSmEvwT9M9DXPo0kFeBJa9vJ-1S6oHndMruu1dxtmF_BuvGJyexneqHE4jmH7G_JIHjbydUV4qOrLwC7ufx74hce5xaP5dra9_VHfbLCTjC2cLSx6JZTjNDrRXIbtbmk7Ow-cTiW3x-jmdoLFKjhkaiFFqvumJatKrwpf2bv3_xtwV5ZrLuKAvTp-veWbcPbHMnS3WZRz7hmJu7f4-39Poim946YWLHVA5V5vlvCTgrnRIP9ewEJTvM1PofVPjJtfCbenliX9SLz_NTxQ64-dPj0X2AblvkYmF1z3oCXWowJ8STUQeiegk06dNfwYDr6iFIDgYxxvdoO6MhrpcsPnri02fvldpm9ePd7iB3tu40jSWSUe2ZboNZe-OhTyDsQYK5AFhe0w12Li3Dlcrl_PO534fwlPdZb_fbCtFU_DBmtFVtuffdJNZ_Q3IcnxXwhaROvB62LHXvSXCEiIzSE_4U1Re5pZjq7pfJcM_ww4aaYvck5jQLIBHWGQA53DanshkO8EYFuqE897bMVx4JkCVxLlIDZkfaiYrKFOcZhXw5YxOfjJtNeQRT-lIS4aRN3Zj0juiOK0srstg3yGMwPhSAPTwyEFC7s1-PjhB3yhdUmlzNHZAsXTVv_Xio5ws-_UK_EeS7osFudSp-M7N27WDp2wffEuKDXM7_vlpwqsHIz5_xzBBMQIYBZE09bBzuStr2yr59N-GDTJ3PR83lRn_WLRzwrdVeJb08jxj3nBbb0nntN2u7266ZQUyDJfv-71xvSqFRwISaL3TNrrvecaWcZBzr3TAVE4Z8bwNlJs04s11kEjszBU-NC6vAp_RV5ybNPSFQtMBqGt2N6XORrk4Mh6_YDUR5GGIC4k1ELYPCW9t5WQsORN0QRyzSkFrkR8o3T6YRovc-RBa36W1e28kGM75t_XylO9zt8CD2yUr31RUhvSmRyozoXg7vvSh7CZI3t4K88xwgztIYjhYRmN8SlgqtlxofDNe09O6EDKNUmgeCzjgKUnyR72u6lJDMnkjKj4ly6-8ZG6YllAf8VB-wXM3PW16WW529pg8skaQ0DzT6LIBNjZCiBrCoQVkkfQepHPNdJ0QnQW-DcpYS-xjTutlnuDJIGnRPey9Vz7kOAtTBliayg6V3Uwdh7rUKgcTNvrlJDYjjWTwO7Y50yX7mNNviTAdYQPMoIyZJQJrS98d4Lv4pxXRtuzkecbyU3a4E_FqtlaJRcaIzO2FVtV_cqC7If-RpHSDMCTGtHDSau0lfdNJzKUsAEhogDqevMezlZ8bA66luHkIZyGcM1jZecsT2s75JTWeK-DkRtRr1J0fJZHAx_si-9pI1TSVa5xY-jBqbCF3xrSK7XLKVVLdNVdyabu23VsHiZqvp9bBpLB1QgKoB4zpCly8tl3jNuQAE4Jlip2X7j6eVEaez1-qBNOonY4yFoJu1c0y1doHpna2jex-toKVB1Iyj9iUVa0VpRkBq48h4k8Rtug3BJKzwRmCtYEKPiKoYGbEwfqdr35bbIDmBPGuuM5_bYLelIxWbfsUORdu3iWiALIMNTGr0tej_sLxbYEdFnnKilM_ErBmKOXgmLvcKUi2bKetUz4PFOQWDDn-aprCtieYTdsp7D3mIjBohd0y6_yzG-ubryjVywzleKQpWIoSjPmyQto4qqY4sw&pr=8%3A414555A0233F1638&cid=CAQSMgDICaaNKlhYVspCcLZ5xRiSlUQqnWtnqbPPBjIObuOEpNHIAkLxC7V0lvOFsLCi84AyGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=14718532397188905000&adk=4085373105&idt=119&cac=0&dtd=36
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b74c866527da6378db65dcb32dd57c5c5cf9fbf8e9875de8a258aa84c218a2f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39564
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame C981 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 09:26:34 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 37BA 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42581
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6063 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b53deb6e49a3e64b6e150e7fc0b4be3dd5766d8ff7b25f4a25b10bd3ad7003

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMmrQp7-zv3swZlqEfALbaA&google_cver=1&google_push=AXcoOmQ_3qPe7EIdr1dyBAyFBgm4X5QdH4hM8ABf0tIyOpehHO9Ig7g4IQTS0VJ3-EJOu6uFlOoN3ovNJz11XFgZSZ4Vc6Khk8w1gw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C18D828AD01465CA9B4276E35A499E0&google_push=AXcoOmQ_3qPe7EIdr1dyBAyFBgm4X5QdH4hM8ABf0tIyOpehHO9Ig7g4IQTS0VJ3-EJOu6uFlOoN3ovNJz11XFg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C18D828AD01465CA9B4276E35A499E0&google_push=AXcoOmQ_3qPe7EIdr1dyBAyFBgm4X5QdH4hM8ABf0tIyOpehHO9Ig7g4IQTS0VJ3-EJOu6uFlOoN3ovNJz11XFgZSZ4Vc6Khk8w1gw
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C18D828AD01465CA9B4276E35A499E0&google_push=AXcoOmQ_3qPe7EIdr1dyBAyFBgm4X5QdH4hM8ABf0tIyOpehHO9Ig7g4IQTS0VJ3-EJOu6uFlOoN3ovNJz11XFgZSZ4Vc6Khk8w1gw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 09:26:35 GMT
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENEry3vG7MJ-T22lr76Irqw&google_cver=1&google_push=AXcoOmQghKHo2X2YPAkZq7NfaX6rHk8csCnQJ5YHW93OrzPvtv930L9DH1cIa2sEfXTEmiT_h0TC1PRnb89Vhg...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg0MA%3D%3D&google_push=AXcoOmQghKHo2X2YPAkZq7NfaX6rHk8csCnQJ5YHW93OrzPvtv930L9DH1cIa2sEfXTEmiT_h0TC1PRnb89VhgvO2P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg0MA%3D%3D&google_push=AXcoOmQghKHo2X2YPAkZq7NfaX6rHk8csCnQJ5YHW93OrzPvtv930L9DH1cIa2sEfXTEmiT_h0TC1PRnb89VhgvO2P61CvVLZXSo7Q
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg0MA%3D%3D&google_push=AXcoOmQghKHo2X2YPAkZq7NfaX6rHk8csCnQJ5YHW93OrzPvtv930L9DH1cIa2sEfXTEmiT_h0TC1PRnb89VhgvO2P61CvVLZXSo7Q
Date
Sat, 18 Nov 2023 09:26:35 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBnOi_E1_D5OxyLB1CT2Sds&google_cver=1&google_push=AXcoOmTtMHMrrYU4HdxOBVQKpJRiPkBZVgkTX55zjUxEomTLvvS5voxzj4yUxX7An9A8nXZT75oVLWftgfVaT73B...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5pXDqeVBRh4WGQJrLjqeUg&google_push=AXcoOmTtMHMrrYU4HdxOBVQKpJRiPkBZVgkTX55zjUxEomTLvvS5voxzj4yUxX7An9A8nXZT75oVLWftgfVaT73BJeFejvwkTAEksw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5pXDqeVBRh4WGQJrLjqeUg&google_push=AXcoOmTtMHMrrYU4HdxOBVQKpJRiPkBZVgkTX55zjUxEomTLvvS5voxzj4yUxX7An9A8nXZT75oVLWftgfVaT73BJeFejvwkTAEksw
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 09:26:35 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5pXDqeVBRh4WGQJrLjqeUg&google_push=AXcoOmTtMHMrrYU4HdxOBVQKpJRiPkBZVgkTX55zjUxEomTLvvS5voxzj4yUxX7An9A8nXZT75oVLWftgfVaT73BJeFejvwkTAEksw
x-host
tde-deliveryengine-production-bb588bf9-bkx48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKtHDjLbEaYfQ-uknYEcsx0&google_cver=1&google_push=AXcoOmQ6bELOC-DdkqxcDxkkXIYS2X_i3bNYmoGZZGH2otIZRiuIo1RLDHfi6j3MUT12C_A-AXVqp2F6iD-tk...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ6bELOC-DdkqxcDxkkXIYS2X_i3bNYmoGZZGH2otIZRiuIo1RLDHfi6j3MUT12C_A-AXVqp2F6iD-tkTfR4xfFx0feU6FpFg&google_hm=OXBzTVp5WmdXUkJxaE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ6bELOC-DdkqxcDxkkXIYS2X_i3bNYmoGZZGH2otIZRiuIo1RLDHfi6j3MUT12C_A-AXVqp2F6iD-tkTfR4xfFx0feU6FpFg&google_hm=OXBzTVp5WmdXUkJxaEw2NHo5bGg=
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ6bELOC-DdkqxcDxkkXIYS2X_i3bNYmoGZZGH2otIZRiuIo1RLDHfi6j3MUT12C_A-AXVqp2F6iD-tkTfR4xfFx0feU6FpFg&google_hm=OXBzTVp5WmdXUkJxaEw2NHo5bGg=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELrQsZcNwxLDzCUGvSZ5D-8&google_cver=1&google_push=AXcoOmRaYaM7IahjTjJYVgx6dcQ1KSilYNM85yXEwdOJOvs0uhmU6rvI10SBGe2UHUE9lGsyrXcK0c...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRaYaM7IahjTjJYVgx6dcQ1KSilYNM85yXEwdOJOvs0uhmU6rvI10SBGe2UHUE9lGsyrXcK0cPXQpzyx7PsXv3BmeMi1MLB&google_hm=MTI5NDE4OT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRaYaM7IahjTjJYVgx6dcQ1KSilYNM85yXEwdOJOvs0uhmU6rvI10SBGe2UHUE9lGsyrXcK0cPXQpzyx7PsXv3BmeMi1MLB&google_hm=MTI5NDE4OTE2ODU0MjY2ODUwNA%3D%3D
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRaYaM7IahjTjJYVgx6dcQ1KSilYNM85yXEwdOJOvs0uhmU6rvI10SBGe2UHUE9lGsyrXcK0cPXQpzyx7PsXv3BmeMi1MLB&google_hm=MTI5NDE4OTE2ODU0MjY2ODUwNA%3D%3D
date
Sat, 18 Nov 2023 09:26:34 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEJkAPqh_G8yp9t2icYv_zqM&google_cver=1&google_push=AXcoOmSg4bCxYpWq9PRLaBzzUd0iXLGGlHhe0Fp3Wq3MJTVLJe3jvCtp0xw0qKaeVyk6k-Tmhi2kZ4nlsbLwcNAXtHVe3JON-...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSg4bCxYpWq9PRLaBzzUd0iXLGGlHhe0Fp3Wq3MJTVLJe3jvCtp0xw0qKaeVyk6k-Tmhi2kZ4nlsbLwcNAXtHVe3JON-F0ZG5E&google_hm=f34e969978f...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSg4bCxYpWq9PRLaBzzUd0iXLGGlHhe0Fp3Wq3MJTVLJe3jvCtp0xw0qKaeVyk6k-Tmhi2kZ4nlsbLwcNAXtHVe3JON-F0ZG5E&google_hm=f34e969978f0b1271qnyuu00lp3uh84e
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSg4bCxYpWq9PRLaBzzUd0iXLGGlHhe0Fp3Wq3MJTVLJe3jvCtp0xw0qKaeVyk6k-Tmhi2kZ4nlsbLwcNAXtHVe3JON-F0ZG5E&google_hm=f34e969978f0b1271qnyuu00lp3uh84e
date
Sat, 18 Nov 2023 09:26:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 89BC
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEHl7i_e6y5Q_P3f2WwCu4jM&google_cver=1&google_push=AXcoOmSeMooyd5xhboKQkKLo8TSlsJefTbZzC6W0Sxj8g933xit0A1-xwPjhXwr6cWW...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSeMooyd5xhboKQkKLo8TSlsJefTbZzC6W0Sxj8g933xit0A1-xwPjhXwr6cWWTsWu42QeCB_rJf6YPHde1qePx1Zgk8lnXXQg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSeMooyd5xhboKQkKLo8TSlsJefTbZzC6W0Sxj8g933xit0A1-xwPjhXwr6cWWTsWu42QeCB_rJf6YPHde1qePx1Zgk8lnXXQg
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
85051d63.225a63d
date
Sat, 18 Nov 2023 09:26:35 GMT
x-bytefaas-request-id
20231118092634D8F8C34258972EE608E8
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-206-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time
93,23.54.206.6
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=6, inner; dur=4
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231118092634D8F8C34258972EE608E8
x-cache-remote
TCP_MISS from a23-213-246-142.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSeMooyd5xhboKQkKLo8TSlsJefTbZzC6W0Sxj8g933xit0A1-xwPjhXwr6cWWTsWu42QeCB_rJf6YPHde1qePx1Zgk8lnXXQg
x-bytefaas-execution-duration
3.39
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
012c3080230e230a6052f2575cfefdef7aa1de14c700ebe6a1f282ae6e0d0c94e9376ee4479581a2154e5a5e1e36ba836013fcb8db85c842ede5466507ff6b7f263b7484c2c0422db0da8c240730889b2a14a554d93050c04178ec68f78781775e41fbcb5d2594cff14b9b6e6a2df57cd5
x-origin-response-time
6,23.213.246.142
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sat, 18 Nov 2023 09:26:35 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 89BC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzxtRMhd6DeNJXwYRgeqMzqGH4ZR8ZFZns7ESaeJW6wxmfv9lAl3szx1t4DRY5R8874lQjZ5k
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame F72D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmRY2LuC3Yzgil9PCB8iYDK_ZHUzW5zLF8Mu-5HxEGfELtFgyO8Q2-NU5oC48oKvmqnzL4D8sXoek4Cmo6PSHLz6sa8Fw5io&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmRY2LuC3Yzgil9PCB8iYDK_ZHUzW5zLF8Mu-5HxEGfELtFgyO8Q2-NU5oC48oKvmqnzL4D8sXoek4Cmo6PSHLz6sa8Fw5i...
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmRY2LuC3Yzgil9PCB8iYDK_ZHUzW5zLF8Mu-5HxEGfELtFgyO8Q2-NU5oC48oKvmqnzL4D8sXoek4Cmo6PSHLz6sa8Fw5io&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRY2LuC3Yzgil9PCB8iYDK_ZHUzW5zLF8Mu-5HxEGfELtFgyO8Q2-NU5oC48oKvmqnzL4D8sXoek4Cmo6PSHLz6sa8Fw5io%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
827f2c388b403c98-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
484
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmRY2LuC3Yzgil9PCB8iYDK_ZHUzW5zLF8Mu-5HxEGfELtFgyO8Q2-NU5oC48oKvmqnzL4D8sXoek4Cmo6PSHLz6sa8Fw5io&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRY2LuC3Yzgil9PCB8iYDK_ZHUzW5zLF8Mu-5HxEGfELtFgyO8Q2-NU5oC48oKvmqnzL4D8sXoek4Cmo6PSHLz6sa8Fw5io%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
827f2c373a103c98-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F72D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENEry3vG7MJ-T22lr76Irqw&google_cver=1&google_push=AXcoOmRmXzjM7wEgh0FIsuBsGn9oRwroQElY32tX0HsSgPUDGtT82wL1ngoCC1Ih6eWqVTw749Z1Q9o3w27BvL...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg1NA%3D%3D&google_push=AXcoOmRmXzjM7wEgh0FIsuBsGn9oRwroQElY32tX0HsSgPUDGtT82wL1ngoCC1Ih6eWqVTw749Z1Q9o3w27BvLnXDY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg1NA%3D%3D&google_push=AXcoOmRmXzjM7wEgh0FIsuBsGn9oRwroQElY32tX0HsSgPUDGtT82wL1ngoCC1Ih6eWqVTw749Z1Q9o3w27BvLnXDY6rq6t38Jq6
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg1NA%3D%3D&google_push=AXcoOmRmXzjM7wEgh0FIsuBsGn9oRwroQElY32tX0HsSgPUDGtT82wL1ngoCC1Ih6eWqVTw749Z1Q9o3w27BvLnXDY6rq6t38Jq6
Date
Sat, 18 Nov 2023 09:26:35 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame F72D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTetr...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BcT7oYU1ZMb0nO4_DF1howqR-_OGylLyaxdqQA&google_push=AXcoOmTetrn1J-_oc6dbZq0ryhVBjAnkAtEXajUbdjW5GViWf7sMUfxWjxwSHUoehVQaRzekgt6q6JZ3_4Pq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BcT7oYU1ZMb0nO4_DF1howqR-_OGylLyaxdqQA&google_push=AXcoOmTetrn1J-_oc6dbZq0ryhVBjAnkAtEXajUbdjW5GViWf7sMUfxWjxwSHUoehVQaRzekgt6q6JZ3_4PqWcqdwQA27E13vuD0
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BcT7oYU1ZMb0nO4_DF1howqR-_OGylLyaxdqQA&google_push=AXcoOmTetrn1J-_oc6dbZq0ryhVBjAnkAtEXajUbdjW5GViWf7sMUfxWjxwSHUoehVQaRzekgt6q6JZ3_4PqWcqdwQA27E13vuD0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
684628
content-length
0
expires
Sat, 18 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F72D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH7T9qRbZ6NbS4WVr7Z_Z6s&google_cver=1&google_push=AXcoOmT2B92DAEsBrWIsERW_AoKDcMHXOxCOHl2ZhxsdybKcUv_jPJp8SVx4uKaCxxA-0exbNAJsA4rivNbAzzzAQMGmhjEC2q1p
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmT2B92DAEsBrWIsERW_AoKDcMHXOxCOHl2ZhxsdybKcUv_jPJp8SVx4uKaCxxA-0exbNAJsA4rivNbAzzzAQMGmhjEC2q1...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc4ODA2MTcyMTY1MDgwNzg3NDI1NA%3D%3D&google_push=AXcoOmT2B92DAEsBrWIsERW_AoKDcMHXOxCOHl2ZhxsdybKcUv_jPJp8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc4ODA2MTcyMTY1MDgwNzg3NDI1NA%3D%3D&google_push=AXcoOmT2B92DAEsBrWIsERW_AoKDcMHXOxCOHl2ZhxsdybKcUv_jPJp8SVx4uKaCxxA-0exbNAJsA4rivNbAzzzAQMGmhjEC2q1p
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc4ODA2MTcyMTY1MDgwNzg3NDI1NA%3D%3D&google_push=AXcoOmT2B92DAEsBrWIsERW_AoKDcMHXOxCOHl2ZhxsdybKcUv_jPJp8SVx4uKaCxxA-0exbNAJsA4rivNbAzzzAQMGmhjEC2q1p
date
Sat, 18 Nov 2023 09:26:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
0.gif
id5-sync.com/i/495/ Frame F72D
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESENXWFYm1fltxLvD4-wOG8AY&google_cver=1&google_push=AXcoOmSi74AMzkRPkTw6_38T2quzn1pOg1anLHq7t6jQoqVHgaz8-62dVCEe1if6yiv25PaeSP3gO5BAhg78iwYVigU_pWaMz_7CKA
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSi74AMzkRPkTw6_38T2quzn1pOg1anLHq7t6jQoqVH...
43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSi74AMzkRPkTw6_38T2quzn1pOg1anLHq7t6jQoqVHgaz8-62dVCEe1if6yiv25PaeSP3gO5BAhg78iwYVigU_pWaMz_7CKA
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 18 Nov 2023 09:26:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Sat, 18 Nov 2023 09:26:35 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSi74AMzkRPkTw6_38T2quzn1pOg1anLHq7t6jQoqVHgaz8-62dVCEe1if6yiv25PaeSP3gO5BAhg78iwYVigU_pWaMz_7CKA
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
/
onetag-sys.com/match/ Frame F72D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFEQoz_9XDmJPa1EGVeKg-E&google_cver=1&google_push=AXcoOmQVDe9WdKlC3O4f7pfHCw2AxfawLNR8XDVhScbiA3QwLLjzghUuk45lMvTgoIUJlLyj9HHtXWNIsQd...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQVDe9WdKlC3O4f7pfHCw2AxfawLNR8XDVhScbiA3QwLLjzghUuk45lMvTgoIUJlLyj9HHtXWNIsQdamwXOd9ff13lgTXHFvQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
sync-dmp.aura-dsp.com/match/ Frame F72D 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame F72D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INcXKid96MNtvOzzNkvmt12kkulPZ3hMvjJgbzpJif6JDEpdXi_HOONSnP-wpA3TJSVf0by_80
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame DCD4 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2023 09:11:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85507
Connection
keep-alive
Content-Length
13229
Expires
Sun, 19 Nov 2023 09:11:41 GMT
usync.js
eus.rubiconproject.com/ Frame B13B 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2023 09:11:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85507
Connection
keep-alive
Content-Length
13229
Expires
Sun, 19 Nov 2023 09:11:41 GMT
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 6063 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:34 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1CC5 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
153709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 14:44:45 GMT
expires
Fri, 15 Nov 2024 14:44:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame F05A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmQJpfcWz4PbyheuPwwbDGz4RUgikdzR7khI7_ddsbdr9j_k1A481dtvXqFTZPWHn4n56A2Xylj-96PwnqjtxqtgvIIRExXNn...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmQJpfcWz4PbyheuPwwbDGz4RUgikdzR7khI7_ddsbdr9j_k1A481dtvXqFTZPWHn4n56A2Xylj-96PwnqjtxqtgvIIRExX...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmQJpfcWz4PbyheuPwwbDGz4RUgikdzR7khI7_ddsbdr9j_k1A481dtvXqFTZPWHn4n56A2Xylj-96PwnqjtxqtgvIIRExXNnw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJpfcWz4PbyheuPwwbDGz4RUgikdzR7khI7_ddsbdr9j_k1A481dtvXqFTZPWHn4n56A2Xylj-96PwnqjtxqtgvIIRExXNnw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
827f2c38cb7b3c98-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1061
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmQJpfcWz4PbyheuPwwbDGz4RUgikdzR7khI7_ddsbdr9j_k1A481dtvXqFTZPWHn4n56A2Xylj-96PwnqjtxqtgvIIRExXNnw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQJpfcWz4PbyheuPwwbDGz4RUgikdzR7khI7_ddsbdr9j_k1A481dtvXqFTZPWHn4n56A2Xylj-96PwnqjtxqtgvIIRExXNnw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
827f2c373a113c98-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F05A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKtHDjLbEaYfQ-uknYEcsx0&google_cver=1&google_push=AXcoOmQ92jGqAlVIq17M-5djLXAlPiXTNKuBXJrx2u2pgRoPN_mppqtQW5hhisXqnVTQPsbEadrtNWcIGTJbu...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ92jGqAlVIq17M-5djLXAlPiXTNKuBXJrx2u2pgRoPN_mppqtQW5hhisXqnVTQPsbEadrtNWcIGTJbue2XwYgrhWg0Qhdu&google_hm=OXBzTVp5WmdXUkJxaEw2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ92jGqAlVIq17M-5djLXAlPiXTNKuBXJrx2u2pgRoPN_mppqtQW5hhisXqnVTQPsbEadrtNWcIGTJbue2XwYgrhWg0Qhdu&google_hm=OXBzTVp5WmdXUkJxaEw2NHo5bGg=
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ92jGqAlVIq17M-5djLXAlPiXTNKuBXJrx2u2pgRoPN_mppqtQW5hhisXqnVTQPsbEadrtNWcIGTJbue2XwYgrhWg0Qhdu&google_hm=OXBzTVp5WmdXUkJxaEw2NHo5bGg=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F05A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N5MWkK_tSXKOlQNXQy30Aw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N5MWkK_tSXKOlQNXQy30Aw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSRVU7d4YXVg5Fk5CdEldE4LnxIxYWzn9LXnvvSX7YkonDsIAyx1alRF57TT9QBzbqWNu3WqQ_WLHmwZ0unnXwy0KwnRktP4w
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N5MWkK_tSXKOlQNXQy30Aw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSRVU7d4YXVg5Fk5CdEldE4LnxIxYWzn9LXnvvSX7YkonDsIAyx1alRF57TT9QBzbqWNu3WqQ_WLHmwZ0unnXwy0KwnRktP4w
date
Sat, 18 Nov 2023 09:26:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F05A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKOoATOO-vYRYYJsibzkgdI&google_cver=1&google_push=AXcoOmTfH_NNlouMnCbhDqjxlRp-3y_603KfP4siR-0QmnNnbgk10LmZ8_hbZWi3wAYlVDFZxFy...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=AXcoOmTfH_NNlouMnCbhDqjxlRp-3y_603KfP4siR-0QmnNnbgk10LmZ8_hbZWi3wAYlVDFZxFyAxc9nAc0xl_5KMlFPrArBLwQy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=AXcoOmTfH_NNlouMnCbhDqjxlRp-3y_603KfP4siR-0QmnNnbgk10LmZ8_hbZWi3wAYlVDFZxFyAxc9nAc0xl_5KMlFPrArBLwQy
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=AXcoOmTfH_NNlouMnCbhDqjxlRp-3y_603KfP4siR-0QmnNnbgk10LmZ8_hbZWi3wAYlVDFZxFyAxc9nAc0xl_5KMlFPrArBLwQy
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame F05A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB3CsfBx7sedt9MiWDg4k-Q&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB3CsfBx7sedt9MiWDg4k-Q&google_hm=ZViDSBAZuaAbVWgtJXAc_QAADLwAAAAB&google_nid=index&google_push=AXcoOmQwt5eaKkputTLTSVrNADOnJGuyODIkG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB3CsfBx7sedt9MiWDg4k-Q&google_hm=ZViDSBAZuaAbVWgtJXAc_QAADLwAAAAB&google_nid=index&google_push=AXcoOmQwt5eaKkputTLTSVrNADOnJGuyODIkG4bJFxt-mUeNq-gF_0V9I7mUXnttaHw6IO_O-NOFMeKLDDnD9zLRnGHzaUqPZr8E
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P59GTd7250XPR9Wq4gbH4bjI6xvxo0BEZpPwQsTADx0DSYg%2BMrdxa0IXDpZqbVVJ2lHPlhtmjljZYn56A5FFR0ZODuNzrd4utG2JapDaCapqx1LkHvbEt7Vuk9GsLDzGo3w78coIKlSu1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB3CsfBx7sedt9MiWDg4k-Q&google_hm=ZViDSBAZuaAbVWgtJXAc_QAADLwAAAAB&google_nid=index&google_push=AXcoOmQwt5eaKkputTLTSVrNADOnJGuyODIkG4bJFxt-mUeNq-gF_0V9I7mUXnttaHw6IO_O-NOFMeKLDDnD9zLRnGHzaUqPZr8E
cache-control
no-cache
cf-ray
827f2c34ca0c2397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame F05A
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmSZl7P0xq_Z-Unen82NwV7vEbdBouDpgYO1dLKNEpoY1CKBP1jsNwkg6vT6_Oh9VUlnw2LJurJgXUsZ0AnCFO7-xD...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmSZl7P0xq_Z-Unen82NwV7vEbdBouDpgYO1dLKNEpoY1CKBP1jsNwkg6vT6_Oh9VUlnw2LJurJgXUsZ0AnC...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmSZl7P0xq_Z-Unen82NwV7vEbdBouDpgYO1dLKNEpoY1CKBP1jsNwkg6vT6_Oh9VUlnw2LJurJgXUsZ0An...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmSZl7P0xq_Z-Unen82NwV7vEbdBouDpgYO1dLKNEpoY1CKBP1jsNwkg6vT6_Oh9VUlnw2LJurJgXUsZ0AnCFO7-xDNV31pumQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmSZl7P0xq_Z-Unen82NwV7vEbdBouDpgYO1dLKNEpoY1CKBP1jsNwkg6vT6_Oh9VUlnw2LJurJgXUsZ0AnCFO7-xDNV31pumQ
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:35 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame F05A
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESELbMIsONiy57jVro2kUJ9Zc&google_cver=1&google_push=AXcoOmQNyQ3S-VSyTCJ9_2FfIxUX7yCERbWHIsm9frRCyQxjrMwleytd9SOAUJF_6j0-XfD5JynvypJ_Jz0JyflrN-M-3FN...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQNyQ3S-VSyTCJ9_2FfIxUX7yCERbWHIsm9frRCyQxjrMwleytd9SOAUJF_6j0-XfD5JynvypJ_Jz0JyflrN-M-3FNQIpiR-z0&google_hm=ODk0OTcy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQNyQ3S-VSyTCJ9_2FfIxUX7yCERbWHIsm9frRCyQxjrMwleytd9SOAUJF_6j0-XfD5JynvypJ_Jz0JyflrN-M-3FNQIpiR-z0&google_hm=ODk0OTcyOTU3Njc4OTgyNDc5NA==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQNyQ3S-VSyTCJ9_2FfIxUX7yCERbWHIsm9frRCyQxjrMwleytd9SOAUJF_6j0-XfD5JynvypJ_Jz0JyflrN-M-3FNQIpiR-z0&google_hm=ODk0OTcyOTU3Njc4OTgyNDc5NA==
Date
Sat, 18 Nov 2023 09:26:35 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame F05A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jgesf7dbqahYnZROFVncBszGo6fsLz7cPTJBMp2obI5H_onCBwCl85bc5vMJKxRKqdnMZNtQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame DA2A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
153709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 14:44:45 GMT
expires
Fri, 15 Nov 2024 14:44:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
e7555204-7fa7-024c-ba87-d78f0f9912c6
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
be31990c11dfd4ab4f14544d71ba2443bf2ee0149f3493c995261dcfd6802d35

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=bd94dd9a70524172cbaa1967a3e9a0529c24cf0097c9fe580e8b33178cd5d53f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
c076bb99b415bde4c83d3a2105046a446f5928caf7464f9a3d39235a93053ab1
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092634Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
f39c9f2b-4a91-1a58-ae4e-1aa03aaf0ad2
Content-Length
133
x-amz-id-2
b/y48sR+eJY6CfdIKSTyjKJZu8Vpnz+FIL0O0zGEO+2nnQdr/gSlJFj9qbuloUeDn9NptNnoaMCG6OGcuuY/hgOoYBF9+RCC
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame AFD5 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=v&imp=6421225417988955068&plid=2521236318193655889&pvid=3409479185010479232&fmtid=90&offsetX=0&offsetY=0&pvt=1700299591383&stime=1700299594973&etime=1700299594973&viewportHeight=600&viewportWidth=300&adSlotLeft=0%2C0&adSlotRight=600%2C300
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
ev
ads.yieldmo.com/v000/t_tkr/ Frame AFD5 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=fv&imp=6421225417988955068&plid=2521236318193655889&pvid=3409479185010479232&fmtid=90&offsetX=0&offsetY=0&pvt=1700299591383&stime=1700299594974&etime=1700299594974&viewportHeight=600&viewportWidth=300&adSlotLeft=0%2C0&adSlotRight=600%2C300
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 05D4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
153710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 14:44:45 GMT
expires
Fri, 15 Nov 2024 14:44:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4397 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
153710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 14:44:45 GMT
expires
Fri, 15 Nov 2024 14:44:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal90005.redintelligence.net/ Frame C48E
Redirect Chain
  • https://hal90005.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=9046decd17&subid=&uid=60679d35eaea9a15&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90005.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=9046decd17&subid=&uid=60679d35eaea9a15&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=9046decd17&subid=&uid=60679d35eaea9a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUPJHRINYZYjeEI3tgAedvpbYApHB0Jtpg_WDktwP8C4QASDY1dgrYPWFyoHcBMgBCakCJmnHrA9Qsj6oAwHIA5sEqgSEAk_Q919VknfSk4xMJDnPPw_oIhF6zAQAwbbu3IfEsf-ZKafQN54Y5ecgcwZjuxnfuyetqdf_rN5bqcTJIVFMNdbex6vdErYaekmpfWNujcbviMwauLub8O-cj6oxjq7icH_16mfeQhp-Bc4xL6NMLfmWP2LjD7_2IzT9P29Qtt2KUOy-ABjglkpar_R7rMWU55E8IEe8zk_H6RQnlYvEmZ2dO8JUhTb0VzHfCyg-36oIKfVapDcfsmJS-XWxzkKFMjAQsgmemtUABZyVpdngQfMj8LqDJPIA2MCRNy8N-DRBpg4ilYxeh9TVIrNGdCPCBiUW8gAkF4PiuYcsG9UCkuCQ4TJgwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSOINEwjH_ODHnc2CAxWNNuAKHR2fBSuwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNMECdQHpAockj_sfYtw8J7O7o1wx6eYwkfbTkTNdhIC1OYdLfDCKeNe_W-tTB84KposwLBfg7vxgB%26sig%3DAOD64_2-jX5Kp5-u1R6ssr-LN4Z2fX4S9A%26client%3Dca-pub-3944954862316283%26dbm_c%3DAKAmf-BmSaBqkRkl2Krmhvon3ObJFsvvjH_k1r3FOuRLM4Q8FWY8bh-VJ8pUEAnxMylflQba6UfHP07QHm_4V5h8x3Eazn9oHVAybgkGoqQPbltLzaBmc-MHMIQ7Jfsw0ok2R2bcQSgI99J2Jggh_UgAR2Th-u3qoE5g_lNm7LAC8eSr1Mapm_I%26cry%3D1%26dbm_d%3DAKAmf-AtME_Rijpra4Cqk7jFY_9p-NPD-Vnfs6v7EqbrcRAImijtGPOACD0LueysCZVrnZbMIu5RgnGN8j036glrWRWxrpSl8Zqe4sx9hRZlFLnODAxyLvp3XNSVQIPROnOfFmq5tsPGmvDUCScmZTVqrZ2c7TEkCycFerSOawsngEBLh53EKS_VDyRq9oeLwuHbXbiu9OIHETaUv65SAHqRXvm3LbNCkCgxDSYFdHH2PW62RosfRyLIaW71g8Tw7u3c8HHAKjJsoolWiil5z_hfRdtO9CHqQc4YyIsFfDCkDKBH2SBk18vTxYnkjexxGMr4WS4S4RcuY3IClaakp1fSuvWFjbqBehKR_somPpgSNvC419yjrMDWipYSUPg_xpTcIgQkS5jJGGm7ErUYRkhffsvh4fZzdahpNVF74g6ha8UGKddq-e2MC_jqMaQfLgGbTVCG36tnb-ZFKwHrmfI_-fcvfHYcPkbkjOlm6klPIdsDMsdoMNEt3MCHYVrh0Bb1CGb5jaTh5EJh3LERl1mCwi_SogdlbP5tOCNC5ciOExaf6un3pKA%26adurl%3D&documentReferer=https%3A%2F%2Ffolkd.com%2F&ancestorOrigins=https%3A%2F%2Ffolkd.com&random=478092767399&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
58691537f5b8ea9dbac282289e57581dc2593cb5a21d551f1d67bf0be6fd995b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:35 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
20504700034430604438266012512005
Connection
close
Content-Length
863
Expires
Sat, 18 Nov 2023 09:26:35 +0100

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:35 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=khr4rmdzysvp&nw=20&renderingType=javascript&namespace=9046decd17&subid=&uid=60679d35eaea9a15&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUPJHRINYZYjeEI3tgAedvpbYApHB0Jtpg_WDktwP8C4QASDY1dgrYPWFyoHcBMgBCakCJmnHrA9Qsj6oAwHIA5sEqgSEAk_Q919VknfSk4xMJDnPPw_oIhF6zAQAwbbu3IfEsf-ZKafQN54Y5ecgcwZjuxnfuyetqdf_rN5bqcTJIVFMNdbex6vdErYaekmpfWNujcbviMwauLub8O-cj6oxjq7icH_16mfeQhp-Bc4xL6NMLfmWP2LjD7_2IzT9P29Qtt2KUOy-ABjglkpar_R7rMWU55E8IEe8zk_H6RQnlYvEmZ2dO8JUhTb0VzHfCyg-36oIKfVapDcfsmJS-XWxzkKFMjAQsgmemtUABZyVpdngQfMj8LqDJPIA2MCRNy8N-DRBpg4ilYxeh9TVIrNGdCPCBiUW8gAkF4PiuYcsG9UCkuCQ4TJgwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJDSOINEwjH_ODHnc2CAxWNNuAKHR2fBSuwE5W10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNMECdQHpAockj_sfYtw8J7O7o1wx6eYwkfbTkTNdhIC1OYdLfDCKeNe_W-tTB84KposwLBfg7vxgB%26sig%3DAOD64_2-jX5Kp5-u1R6ssr-LN4Z2fX4S9A%26client%3Dca-pub-3944954862316283%26dbm_c%3DAKAmf-BmSaBqkRkl2Krmhvon3ObJFsvvjH_k1r3FOuRLM4Q8FWY8bh-VJ8pUEAnxMylflQba6UfHP07QHm_4V5h8x3Eazn9oHVAybgkGoqQPbltLzaBmc-MHMIQ7Jfsw0ok2R2bcQSgI99J2Jggh_UgAR2Th-u3qoE5g_lNm7LAC8eSr1Mapm_I%26cry%3D1%26dbm_d%3DAKAmf-AtME_Rijpra4Cqk7jFY_9p-NPD-Vnfs6v7EqbrcRAImijtGPOACD0LueysCZVrnZbMIu5RgnGN8j036glrWRWxrpSl8Zqe4sx9hRZlFLnODAxyLvp3XNSVQIPROnOfFmq5tsPGmvDUCScmZTVqrZ2c7TEkCycFerSOawsngEBLh53EKS_VDyRq9oeLwuHbXbiu9OIHETaUv65SAHqRXvm3LbNCkCgxDSYFdHH2PW62RosfRyLIaW71g8Tw7u3c8HHAKjJsoolWiil5z_hfRdtO9CHqQc4YyIsFfDCkDKBH2SBk18vTxYnkjexxGMr4WS4S4RcuY3IClaakp1fSuvWFjbqBehKR_somPpgSNvC419yjrMDWipYSUPg_xpTcIgQkS5jJGGm7ErUYRkhffsvh4fZzdahpNVF74g6ha8UGKddq-e2MC_jqMaQfLgGbTVCG36tnb-ZFKwHrmfI_-fcvfHYcPkbkjOlm6klPIdsDMsdoMNEt3MCHYVrh0Bb1CGb5jaTh5EJh3LERl1mCwi_SogdlbP5tOCNC5ciOExaf6un3pKA%26adurl%3D&documentReferer=https%3A%2F%2Ffolkd.com%2F&ancestorOrigins=https%3A%2F%2Ffolkd.com&random=478092767399&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sat, 18 Nov 2023 09:26:35 +0100
ad-choices.svg
static.yieldmo.com/images/ Frame 3DC7 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Fri, 17 Nov 2023 12:35:59 GMT
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
75037
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
gJl1NLuP7m86rP_fuUqzue-C1ZPNXtrJC-VIi8JTiEzP40XbafOhlg==
usync.js
eus.rubiconproject.com/ Frame C981 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2023 09:11:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85506
Connection
keep-alive
Content-Length
13229
Expires
Sun, 19 Nov 2023 09:11:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A740 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslu5f6gmpzKxogKWkGG3qjrQ9CDHEZTVZTHpBHuHpjCxFQN3NOwrIslQ8ZSPhss2elgFnpMlN8TRACBzXhw7lxTGNAqR7YkvpEVbwu1HARlx30L_ib-CM17fN7KXEOkhjqzlwOOHlWvX12cGNhfpu9GmdMAfBBLKcVC0bJCwh9aT6e-uh8tgoGPhRozxwLwjRRjfKGgvpCGVytuchBtmzTpdIfwBS6wMVa7oZ3k-hOCCk3LZ9c-e9_1sWfzTRVamviaJq7hvS8tK1SDdcSpd37MCEnokHvHZm-mQcr60dZT0iMkAC9R-FLTMiEGn39lOVjDZJ3eUBGfse1ixp3EhswLmL_hoz_6fxCmpGiy1Zqsax2bVwmZgE3LOB6sAMGbjzOzrzFzX2qxy-RPuIK_5t5u_oMa7RHrX9Y--28z5rst6_SCEHQVUHvrfCngnWu5MnnsLyRO1VDJX7VurfXKU32LRgb25wCGlOJyYPyHOL0ToHwhX91VKEZLdhUqfZnfpdWirovNWj6JsTG9XVaSlIJTSJVERgb3829wXxOud8X179kXQlwhQuVwDXxxgH5EcSFDOim-0piisDyYgHXnB5qVjo5_u99Gch4Mfs-ncKPf7jgUipx-Gvvbihbo9QR5IdnfR2FyU3ciaVsUmE9DscilSnb5yKSevl6xoyuj34ugVQ7f42BkRPQkZopjGGVUyolhBfkaDFNU6hN4gos-dOpCQB9HGbvU3FEip2Pq1SFjO3BEFE_P1vrNbONmFiUUxDV2H_ii_ve1TOjZrMLKXJmGFo9qEhVhJnFqLzaqtCosg6Aa5T-IZT9uZWf6YaVSHGROtXgte8c6Rl_i5fCfHV0dTg2rc-Yfyw6cxN9M59xESuOukTw8HN3LJyyjqjWXl6lG7-r5r7YIAWPrKH21zT4sJFdbpcWKw45QubCGKlM9XqDxDDhwixijS18uRkDGG36EqT9xy0JhD8aSuhMwBlkkUAtdO8fBRYIGAtwbVuK1aJJVfE5TrJh6RSXoD0O6Xsp1yUeJNUG1F5E43nfE6ILo9bfvmV3HpUHOpWkC6YIXSW2n6jV1XZI2LA-gazwIDAyWDgr5sdSlQbwQQh4_cFwMJDoEHgLJxmQjky1HrqgTQPUqNp0xcUVAT9IwoxuA-MXg6YaJzzjk0aPs1qrdZWH-oCO33ok9BYxr2RFO09txuoSVGgV501KsDrhOnln6vJq_Tz5iDI4MPxmTombWiUkj_vMcGvHQgyJmHNur8HZ7byyjrNzkrVqBTuC095x9Tczv2ROE_X7LCdKclk1He6eYjGJ5fucbSmx_yp0-Kkt59xGHF_d_zcfFKuHRvdaBqWbvRPjEkFed264ivrgDSCk7kVVBzHt7xmmL1O09k9suPtHE0IcFl-xhbQYQyik51JPM0hcdpTS9CJ_DrSmM1mPQuazidOSVpzP0PzH_t-rofDR&sai=AMfl-YRoedleX4Nf-H3hB1-krbXffP8XV-IQtlrD4WTayfH654iadM3WX0UCZGavWXeqMEj4K8aeLAH2JiBwCnsBtHV0hsucux30n4eF9nNYUvXR6lZZrmmnd7EBUrBph4-LiSCBVV8OMDut9409nsaA-ILnHqcmde3cBPQDB_89wi2Lak8PmiCpep_FpcQPUR10eHRmQahmv0dmle0cFjrWkCRWip788cKJn2CIgLpgZ1oOSmjZ3W3XXNz7DDtH3I3U5f2JwES2sl2CXz_QH4WZqw&sig=Cg0ArKJSzA_tQp3ruKe7EAE&uach_m=[UACH]&pr=8:489F9114CF8ACACE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=871&cbvp=1&cisv=r20231109.35219&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 18 Nov 2023 09:26:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
710838405461994249
s0.2mdn.net/simgad/ Frame A740 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/710838405461994249
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
20ae5dc783ffb374c29d7c2ef693b1a9c7284563c0c5ad71ad77c7c910c0ba89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:15:28 GMT
x-content-type-options
nosniff
age
36667
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15039
x-xss-protection
0
last-modified
Wed, 11 Oct 2023 06:49:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Nov 2024 23:15:28 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E400 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
153710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 14:44:45 GMT
expires
Fri, 15 Nov 2024 14:44:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
147efdcd30700ea8ee1850b95753da19994ed750cf14bfc5ce2e6d9ad8510b30

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b631b87b1b1213ef71947ca25760292ebbc68ae2de6ca7eb34e20ab5e8aa5e92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
e9f08a1f94d2b001367bd709ee1efcf1aead605d66f4a1b73661ff029574029b
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092635Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
d5450ec2-601c-07b5-8897-8b49b63fa91e
Content-Length
133
x-amz-id-2
i1RLXeaMSvCRQdntNtKfFCFE8lOtLmeSg9qkX8lGRq4jjH6GPt79AjiIq0kLt/i07fBCSyUYiSI/dKxaDu7zWFh5Ng/d/0zL
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
ee8cdb12-f009-0d01-b35e-5e99262aa3aa
dpixel
cms.quantserve.com/ Frame A791 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECyKz27dAxM6dnFiwDG71LM&google_cver=1&google_push=AXcoOmSfQeYaRv0I3Uju6_GreKhgEWoddLpuTN7xTu_SPj_gSjFa_5Z4OspXHurZgMAL6eDzeokP4OanALj_bmTfw4P9IxGyM3v-jg
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A791
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_cver=1&google_push=AXcoOmTSq3PLzJNK_GCmB6-GYcmc21UStHrqBCbHq5x-q4uaiuk29bh...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3da9c39c83f4165c&is_secure=true&networkId=14000&version=1&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_cver=1&google_push=AXcoOmTSq3PL...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAISsW8clQuqwNVwwG0AAAAAAA&expiration=1700385995&google_cver=1&is_secure=true&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAISsW8clQuqwNVwwG0AAAAAAA&expiration=1700385995&google_cver=1&is_secure=true&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_push=AXcoOmTSq3PLzJNK_GCmB6-GYcmc21UStHrqBCbHq5x-q4uaiuk29bhIfDOoi5_-SU7y2QhCqgWpaQnJEak3Lx9zRMH-cvuk8Xi-_w
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAISsW8clQuqwNVwwG0AAAAAAA&expiration=1700385995&google_cver=1&is_secure=true&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_push=AXcoOmTSq3PLzJNK_GCmB6-GYcmc21UStHrqBCbHq5x-q4uaiuk29bhIfDOoi5_-SU7y2QhCqgWpaQnJEak3Lx9zRMH-cvuk8Xi-_w
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame A791
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSmQo...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BcT7oYU1ZMb0nO4_DF1howqR-_OGylLyaxdqQA&google_push=AXcoOmSmQoSfLbsjKnz7Pb4mQOYq2seUQ_LqaN5MCO8miuAl0uUqZuP_bcJYliHj-JdLYLO3TxSzPCkXjlCk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BcT7oYU1ZMb0nO4_DF1howqR-_OGylLyaxdqQA&google_push=AXcoOmSmQoSfLbsjKnz7Pb4mQOYq2seUQ_LqaN5MCO8miuAl0uUqZuP_bcJYliHj-JdLYLO3TxSzPCkXjlCkxFHW3aEB66bvUM5W4A
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:34 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BcT7oYU1ZMb0nO4_DF1howqR-_OGylLyaxdqQA&google_push=AXcoOmSmQoSfLbsjKnz7Pb4mQOYq2seUQ_LqaN5MCO8miuAl0uUqZuP_bcJYliHj-JdLYLO3TxSzPCkXjlCkxFHW3aEB66bvUM5W4A
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
718037
content-length
0
expires
Sat, 18 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A791
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMmFmAcRjOzs6nRuw_7GY58&google_cver=1&google_push=AXcoOmQLHcUd4nXv6X9VylvBphw3N2wmiEqkf_owFu--J7hmJaM4gWXiIyo85DA22HZkVE-LZjiHuJfdWYF3OF5PW5jeqivpejbezQ
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQLHcUd4nXv6X9VylvBphw3N2wmiEqkf_owFu--J7hmJaM4gWXiIyo85DA22HZkVE-LZjiHuJfdWYF3OF5PW5jeqivpejbezQ&google_hm=lPpImljajrWp3gsfov-k0g==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQLHcUd4nXv6X9VylvBphw3N2wmiEqkf_owFu--J7hmJaM4gWXiIyo85DA22HZkVE-LZjiHuJfdWYF3OF5PW5jeqivpejbezQ&google_hm=lPpImljajrWp3gsfov-k0g==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmQLHcUd4nXv6X9VylvBphw3N2wmiEqkf_owFu--J7hmJaM4gWXiIyo85DA22HZkVE-LZjiHuJfdWYF3OF5PW5jeqivpejbezQ&google_hm=lPpImljajrWp3gsfov-k0g==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
pixel
cm.g.doubleclick.net/ Frame A791
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmS_FhHzhUmdzHrIOqdWty31auwJiK8r4j53a480UHMPbAMdiSjPCD6wLPfNp1ewbyTMn9OYF4VgikDIcHWSi5Fn-sb1SrT3oA&google_gid=CAESEL0SgtmcDOP...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVZjkxOWJiMDcyMGQ5NDU1ZmFhOGIyYmJiODY0ZGY4NWE&google_nid=opera_norway_as&google_push=AXcoOmS_FhHz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVZjkxOWJiMDcyMGQ5NDU1ZmFhOGIyYmJiODY0ZGY4NWE&google_nid=opera_norway_as&google_push=AXcoOmS_FhHzhUmdzHrIOqdWty31auwJiK8r4j53a480UHMPbAMdiSjPCD6wLPfNp1ewbyTMn9OYF4VgikDIcHWSi5Fn-sb1SrT3oA
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVZjkxOWJiMDcyMGQ5NDU1ZmFhOGIyYmJiODY0ZGY4NWE&google_nid=opera_norway_as&google_push=AXcoOmS_FhHzhUmdzHrIOqdWty31auwJiK8r4j53a480UHMPbAMdiSjPCD6wLPfNp1ewbyTMn9OYF4VgikDIcHWSi5Fn-sb1SrT3oA
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
326
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A791
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBhLJNWQr...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c6bdb680-a140-4ff6-91da-0f9909356df6&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c6bdb680-a140-4ff6-91da-0f9909356df6&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c6bdb680-a140-4ff6-91da-0f9909356df6&%%GOOGLE_PUSH_PAIR%%
date
Sat, 18 Nov 2023 09:26:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame A791
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEHl7i_e6y5Q_P3f2WwCu4jM&google_cver=1&google_push=AXcoOmQjMMJOlLZ-MIAgAVX6G-9j4rvJ6QoN_cspcn4YB1YI1bCbtyRLlpxM2FboqKb...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQjMMJOlLZ-MIAgAVX6G-9j4rvJ6QoN_cspcn4YB1YI1bCbtyRLlpxM2FboqKbayMRotg9XvZkYB7FTUJMxRb6P2KUNB-Lhat8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQjMMJOlLZ-MIAgAVX6G-9j4rvJ6QoN_cspcn4YB1YI1bCbtyRLlpxM2FboqKbayMRotg9XvZkYB7FTUJMxRb6P2KUNB-Lhat8
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
225a7ed
date
Sat, 18 Nov 2023 09:26:35 GMT
x-bytefaas-request-id
2023111809263590857B04C0ABB2B343BE
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-206-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
server-timing
inner; dur=78, cdn-cache; desc=MISS, edge; dur=0, origin; dur=169
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023111809263590857B04C0ABB2B343BE
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQjMMJOlLZ-MIAgAVX6G-9j4rvJ6QoN_cspcn4YB1YI1bCbtyRLlpxM2FboqKbayMRotg9XvZkYB7FTUJMxRb6P2KUNB-Lhat8
x-bytefaas-execution-duration
76.79
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
012c3080230e230a6052f2575cfefdef7ac5c335a3fc02d50c788342e1e7273400604d8c046f7f8952c86b0d6b030bc797f239cb4ed8d909ecdfc85a5e250346506be31a2c14b26c170b8fd3a3e541e156dc4c0fd950aee5e1a8e8f505c9448897
x-origin-response-time
169,23.54.206.6
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sat, 18 Nov 2023 09:26:35 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A791 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IADH9F4JCBZ4yZx19mNMzpNtWbgEu7DmYg23aOGdBbhugKIzUfhuxDp3vgYp56Gz7EMPsLTHLP
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 6C1A
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_cver=1&google_push=AXcoOmT9lh1-TtJTV51CJ43z70LmywJfrebh_5AmSd-x6kKQsVdPx2i...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=35ff8a38049c183c&is_secure=true&networkId=14000&version=1&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_cver=1&google_push=AXcoOmT9lh1-...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI0iF8EVhINwNUDqKtAAAAAAA&expiration=1700385995&google_cver=1&is_secure=true&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI0iF8EVhINwNUDqKtAAAAAAA&expiration=1700385995&google_cver=1&is_secure=true&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_push=AXcoOmT9lh1-TtJTV51CJ43z70LmywJfrebh_5AmSd-x6kKQsVdPx2iHJyo7s5ndFMc6EccdcRytP3xv1m7rQLlvAfM8R2KfCqid
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAI0iF8EVhINwNUDqKtAAAAAAA&expiration=1700385995&google_cver=1&is_secure=true&google_gid=CAESEJ6fAoVsAQrIp4_NvyY9ppA&google_push=AXcoOmT9lh1-TtJTV51CJ43z70LmywJfrebh_5AmSd-x6kKQsVdPx2iHJyo7s5ndFMc6EccdcRytP3xv1m7rQLlvAfM8R2KfCqid
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6C1A
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMmFmAcRjOzs6nRuw_7GY58&google_cver=1&google_push=AXcoOmTSgg5MJtEEb3XIEzaKHZH5nkOVKk-AySb9_YkeFHSJW0D9J2qUkxs8vUgQ5vLVGfI0Fzuz8ff_Hiko0V0shqf1aR3oUaGb1A
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTSgg5MJtEEb3XIEzaKHZH5nkOVKk-AySb9_YkeFHSJW0D9J2qUkxs8vUgQ5vLVGfI0Fzuz8ff_Hiko0V0shqf1aR3oUaGb1A&google_hm=lPpImljajrWp3gsfov-k0g==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTSgg5MJtEEb3XIEzaKHZH5nkOVKk-AySb9_YkeFHSJW0D9J2qUkxs8vUgQ5vLVGfI0Fzuz8ff_Hiko0V0shqf1aR3oUaGb1A&google_hm=lPpImljajrWp3gsfov-k0g==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmTSgg5MJtEEb3XIEzaKHZH5nkOVKk-AySb9_YkeFHSJW0D9J2qUkxs8vUgQ5vLVGfI0Fzuz8ff_Hiko0V0shqf1aR3oUaGb1A&google_hm=lPpImljajrWp3gsfov-k0g==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
pixel
cm.g.doubleclick.net/ Frame 6C1A
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmTiJ9UPRWXQjWp2lQfP9xMbxUzsuVeIYN_drK1R7pebUdWmZQe5npINqnUXXnKwhAlkDjzzIIYOvP9J3T_l7bT_3u...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmTiJ9UPRWXQjWp2lQfP9xMbxUzsuVeIYN_drK1R7pebUdWmZQe5npINqnUXXnKwhAlkDjzzIIYOvP9J3T_l...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmTiJ9UPRWXQjWp2lQfP9xMbxUzsuVeIYN_drK1R7pebUdWmZQe5npINqnUXXnKwhAlkDjzzIIYOvP9J3T_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmTiJ9UPRWXQjWp2lQfP9xMbxUzsuVeIYN_drK1R7pebUdWmZQe5npINqnUXXnKwhAlkDjzzIIYOvP9J3T_l7bT_3uhX3yj5nA
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmTiJ9UPRWXQjWp2lQfP9xMbxUzsuVeIYN_drK1R7pebUdWmZQe5npINqnUXXnKwhAlkDjzzIIYOvP9J3T_l7bT_3uhX3yj5nA
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:35 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 6C1A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH7T9qRbZ6NbS4WVr7Z_Z6s&google_cver=1&google_push=AXcoOmTEY4U4F-1NL06w3MEJnhHIjyOgOgS_mzEo6tln1cWvLDVxV2_MW_mDk0-4tveNieHlPkeo3jPyp4cWjVXR6REvSD7Ahe...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTEY4U4F-1NL06w3MEJnhHIjyOgOgS_mzEo6tln1cWvLDVxV2_MW_mDk0-4tveNieHlPkeo3jPyp4cWjVXR6REvSD7Ahev...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc4ODA2MTcyMTY1MDgwNzg3NDI1NA%3D%3D&google_push=AXcoOmTEY4U4F-1NL06w3MEJnhHIjyOgOgS_mzEo6tln1cWvLDVxV2_M...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc4ODA2MTcyMTY1MDgwNzg3NDI1NA%3D%3D&google_push=AXcoOmTEY4U4F-1NL06w3MEJnhHIjyOgOgS_mzEo6tln1cWvLDVxV2_MW_mDk0-4tveNieHlPkeo3jPyp4cWjVXR6REvSD7AhevwMg
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc4ODA2MTcyMTY1MDgwNzg3NDI1NA%3D%3D&google_push=AXcoOmTEY4U4F-1NL06w3MEJnhHIjyOgOgS_mzEo6tln1cWvLDVxV2_MW_mDk0-4tveNieHlPkeo3jPyp4cWjVXR6REvSD7AhevwMg
date
Sat, 18 Nov 2023 09:26:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 6C1A
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSJrYiPduydKzJR3Yx-eOOrhPZosooMstQxaf9VbYJXXhNyHaaS0wdeH6KpKHpSqY-rMRs2aaQ8GdND7ee_x2fcrfTa-63b2Hg&google_gid=CAESEL0SgtmcDO...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVNjkzMWE0N2IzNWNiNDBmZGFiN2YzNjIyMzkzZWM5M2U&google_nid=opera_norway_as&google_push=AXcoOmSJrYiP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVNjkzMWE0N2IzNWNiNDBmZGFiN2YzNjIyMzkzZWM5M2U&google_nid=opera_norway_as&google_push=AXcoOmSJrYiPduydKzJR3Yx-eOOrhPZosooMstQxaf9VbYJXXhNyHaaS0wdeH6KpKHpSqY-rMRs2aaQ8GdND7ee_x2fcrfTa-63b2Hg
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVNjkzMWE0N2IzNWNiNDBmZGFiN2YzNjIyMzkzZWM5M2U&google_nid=opera_norway_as&google_push=AXcoOmSJrYiPduydKzJR3Yx-eOOrhPZosooMstQxaf9VbYJXXhNyHaaS0wdeH6KpKHpSqY-rMRs2aaQ8GdND7ee_x2fcrfTa-63b2Hg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
327
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6C1A
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEJkAPqh_G8yp9t2icYv_zqM&google_cver=1&google_push=AXcoOmQpq-ymOT69FzgvNthUlQlxquc_iOg7UJ3SXctDscTE6j_Ior51T3LSI9rsTrnhwbEkTPKMTVGHKFPJAhmDEYK8wjWbJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQpq-ymOT69FzgvNthUlQlxquc_iOg7UJ3SXctDscTE6j_Ior51T3LSI9rsTrnhwbEkTPKMTVGHKFPJAhmDEYK8wjWbJW1kJA&google_hm=f34e969978f0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQpq-ymOT69FzgvNthUlQlxquc_iOg7UJ3SXctDscTE6j_Ior51T3LSI9rsTrnhwbEkTPKMTVGHKFPJAhmDEYK8wjWbJW1kJA&google_hm=f34e969978f0b1271k9hgw00lp3uh87v
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQpq-ymOT69FzgvNthUlQlxquc_iOg7UJ3SXctDscTE6j_Ior51T3LSI9rsTrnhwbEkTPKMTVGHKFPJAhmDEYK8wjWbJW1kJA&google_hm=f34e969978f0b1271k9hgw00lp3uh87v
date
Sat, 18 Nov 2023 09:26:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 6C1A
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8da16270-01e1-4ae9-a9ef-e6d3929feadd&google_cver=1&google_gid=CAESELIzrNWLnW2i4cd7YF_1HGo&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8da16270-01e1-4ae9-a9ef-e6d3929feadd&google_cver=1&google_gid=CAESELIzrNWLnW2i4cd7YF_1HGo&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmR932SN0OwF4T5LAoiy1Z_cZS0ALfLKrsCTI7_juJO1dh8TQxz4crrh95Uks8-RPgbGcq8UqdgLK9jpQ4xc2xjTpC_SsqhRiSE&gdpr=${GDPR}
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8da16270-01e1-4ae9-a9ef-e6d3929feadd&google_cver=1&google_gid=CAESELIzrNWLnW2i4cd7YF_1HGo&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmR932SN0OwF4T5LAoiy1Z_cZS0ALfLKrsCTI7_juJO1dh8TQxz4crrh95Uks8-RPgbGcq8UqdgLK9jpQ4xc2xjTpC_SsqhRiSE&gdpr=${GDPR}
date
Sat, 18 Nov 2023 09:26:35 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 6C1A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jsig25CbexnWijSQABBcYD4Cp2q5cjBoPOGJKuMffkGdoOC5ALldWxKgB2cfgVbPDnVCgS7CS_
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame 1B3F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmSnXQnJ6wQL_Kbmy6rK2JNJkPAFlVOmhl6wjdX-uw42R4FUCrBjDiOeVKA3FngzCnwozzRtSEr4SQMTquzvo4ZGiKgnjV8uC...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmSnXQnJ6wQL_Kbmy6rK2JNJkPAFlVOmhl6wjdX-uw42R4FUCrBjDiOeVKA3FngzCnwozzRtSEr4SQMTquzvo4ZGiKgnjV8...
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmSnXQnJ6wQL_Kbmy6rK2JNJkPAFlVOmhl6wjdX-uw42R4FUCrBjDiOeVKA3FngzCnwozzRtSEr4SQMTquzvo4ZGiKgnjV8uCw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSnXQnJ6wQL_Kbmy6rK2JNJkPAFlVOmhl6wjdX-uw42R4FUCrBjDiOeVKA3FngzCnwozzRtSEr4SQMTquzvo4ZGiKgnjV8uCw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
827f2c398c293c98-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFTRbPbjYQaC6ci2qweRYXM&google_cver=1&google_push=AXcoOmSnXQnJ6wQL_Kbmy6rK2JNJkPAFlVOmhl6wjdX-uw42R4FUCrBjDiOeVKA3FngzCnwozzRtSEr4SQMTquzvo4ZGiKgnjV8uCw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSnXQnJ6wQL_Kbmy6rK2JNJkPAFlVOmhl6wjdX-uw42R4FUCrBjDiOeVKA3FngzCnwozzRtSEr4SQMTquzvo4ZGiKgnjV8uCw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
827f2c373a133c98-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1B3F
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEF7-SG7CLoSet3-m9XqLLsU&google_cver=1&google_push=AXcoOmQb8M_YaBNoCTbsF2Hp30ZvQJRuaNiYMNBJdVWCmj04rLDm16JUuiha_tLUJT0UuKKIlrSydrIj90djoBJmDS31EZd0MLEN2g
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VnZjV1ZHVnZCdHExdGZZVVRJTllaUQ%3D%3D&google_push=AXcoOmQb8M_YaBNoCTbsF2Hp30ZvQJRuaNiYMNBJdVWCmj04rLDm16JUuiha_tLUJT0UuKKIlrSydrIj90djo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VnZjV1ZHVnZCdHExdGZZVVRJTllaUQ%3D%3D&google_push=AXcoOmQb8M_YaBNoCTbsF2Hp30ZvQJRuaNiYMNBJdVWCmj04rLDm16JUuiha_tLUJT0UuKKIlrSydrIj90djoBJmDS31EZd0MLEN2g
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 09:26:36 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VnZjV1ZHVnZCdHExdGZZVVRJTllaUQ%3D%3D&google_push=AXcoOmQb8M_YaBNoCTbsF2Hp30ZvQJRuaNiYMNBJdVWCmj04rLDm16JUuiha_tLUJT0UuKKIlrSydrIj90djoBJmDS31EZd0MLEN2g
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
245
pixel
cm.g.doubleclick.net/ Frame 1B3F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENe9MgIJkSOTy9LpELJ1x6o&google_cver=1&google_push=AXcoOmRFd1OZ8FSw--txJ_ZAQYau-ua6rQHrJ7FnmO6P7qx1fwmWUJ4VaJ4PiJ7Yl15fLR58Mqm1mF3rF_lUfDU...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ICU9rQacXFJ_CB5fi3yQN1LFoQQ&google_push=AXcoOmRFd1OZ8FSw--txJ_ZAQYau-ua6rQHrJ7FnmO6P7qx1fwmWUJ4VaJ4PiJ7Yl15fLR58Mqm1mF3rF_lUfD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ICU9rQacXFJ_CB5fi3yQN1LFoQQ&google_push=AXcoOmRFd1OZ8FSw--txJ_ZAQYau-ua6rQHrJ7FnmO6P7qx1fwmWUJ4VaJ4PiJ7Yl15fLR58Mqm1mF3rF_lUfDUc4f3rMmwAvV4vPg
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ICU9rQacXFJ_CB5fi3yQN1LFoQQ&google_push=AXcoOmRFd1OZ8FSw--txJ_ZAQYau-ua6rQHrJ7FnmO6P7qx1fwmWUJ4VaJ4PiJ7Yl15fLR58Mqm1mF3rF_lUfDUc4f3rMmwAvV4vPg
Date
Sat, 18 Nov 2023 09:26:35 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 1B3F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKOoATOO-vYRYYJsibzkgdI&google_cver=1&google_push=AXcoOmRrfOeSSLCw04Lpa3ZemAYcwokbM69iE0yEtP1atC49WhxJB6cx-a370r9elJ_1CayMVeK...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=AXcoOmRrfOeSSLCw04Lpa3ZemAYcwokbM69iE0yEtP1atC49WhxJB6cx-a370r9elJ_1CayMVeKIX9DaOxM9H1367xzAuHgG0-UryQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=AXcoOmRrfOeSSLCw04Lpa3ZemAYcwokbM69iE0yEtP1atC49WhxJB6cx-a370r9elJ_1CayMVeKIX9DaOxM9H1367xzAuHgG0-UryQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=AXcoOmRrfOeSSLCw04Lpa3ZemAYcwokbM69iE0yEtP1atC49WhxJB6cx-a370r9elJ_1CayMVeKIX9DaOxM9H1367xzAuHgG0-UryQ
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1B3F
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEJDbE3YlkLvv7PmQpmwKBXY&google_cver=1&google_push=AXcoOmT2nFm1K2gzfVBkF1FTdzJjZDMnXgnebndwQd4Ph1_SwFSgvnn7wlBHO3vf8wESale8SGBY5vM9qml0RDuCzocUrn2...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=YmIwM2Y0OTUzYTliNDFiNmJjMWY0ZDVlYThiYzM5Yjk%3D&UIDF=CAESEJDbE3YlkLvv7PmQpmwKBXY&google_cver=1&google_push=AXcoOmT2nFm1K2gzfVBkF1FTdzJj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=YmIwM2Y0OTUzYTliNDFiNmJjMWY0ZDVlYThiYzM5Yjk%3D&UIDF=CAESEJDbE3YlkLvv7PmQpmwKBXY&google_cver=1&google_push=AXcoOmT2nFm1K2gzfVBkF1FTdzJjZDMnXgnebndwQd4Ph1_SwFSgvnn7wlBHO3vf8wESale8SGBY5vM9qml0RDuCzocUrn2DNbeh
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=YmIwM2Y0OTUzYTliNDFiNmJjMWY0ZDVlYThiYzM5Yjk%3D&UIDF=CAESEJDbE3YlkLvv7PmQpmwKBXY&google_cver=1&google_push=AXcoOmT2nFm1K2gzfVBkF1FTdzJjZDMnXgnebndwQd4Ph1_SwFSgvnn7wlBHO3vf8wESale8SGBY5vM9qml0RDuCzocUrn2DNbeh
date
Sat, 18 Nov 2023 09:26:35 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame 1B3F
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmR-NimGfM3av6tz01BqBpCDY5roGVBg1KOn_xIO8qI5XmzVnokmeYF4CuFonO6yd96Eus8oaRhHmrX-Oede2cBMZQ...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmR-NimGfM3av6tz01BqBpCDY5roGVBg1KOn_xIO8qI5XmzVnokmeYF4CuFonO6yd96Eus8oaRhHmrX-Oede...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmR-NimGfM3av6tz01BqBpCDY5roGVBg1KOn_xIO8qI5XmzVnokmeYF4CuFonO6yd96Eus8oaRhHmrX-Oed...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmR-NimGfM3av6tz01BqBpCDY5roGVBg1KOn_xIO8qI5XmzVnokmeYF4CuFonO6yd96Eus8oaRhHmrX-Oede2cBMZQQDlzlzlw
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmR-NimGfM3av6tz01BqBpCDY5roGVBg1KOn_xIO8qI5XmzVnokmeYF4CuFonO6yd96Eus8oaRhHmrX-Oede2cBMZQQDlzlzlw
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:35 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
report
sync.teads.tv/um/ Frame 1B3F
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPzZoMJLBgpH...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YzQwYmJmMGUtNjI1Yi00M2MxLWFmZjItOTUyNjA4Y2QxNjRk&google_push=AXcoOmQPLPI7hYA2TkyWWjPREDK7ZhuTQFkXDZbUnZngWM6B9A9XsUrnfWxJoL8quPDOW...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 18 Nov 2023 09:26:35 GMT
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1B3F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTnWjpW21-G44821dpBuZGZQN1FarG7kRPnRRWNutNKNdLGwdaVl0N3z-cgITbfveEBAZQuw
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame AFD5 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 Nov 2023 05:44:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame AFD5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:12:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
62032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:12:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame AFD5 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
62569
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 16:03:46 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame AFD5 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:54:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
37945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:54:10 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B2FC 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
153710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 14:44:45 GMT
expires
Fri, 15 Nov 2024 14:44:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
9504452026646950015
s0.2mdn.net/simgad/ Frame 6391 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9504452026646950015
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
a2d0f6ddb61cf9ca595257ef522206f6a7d882396576373f1e222f5391fef812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 16:21:30 GMT
x-content-type-options
nosniff
age
234305
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14634
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 12:02:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 16:21:30 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6391 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFYTSiosNsy7siVOEkUkA8gdtZIU4BYTIRlTnH9CYGT1Xlhxoi5QTSR1e9tI26juY6PsjdttflIBAxvQauHrqznGukj7pqF3jcyrgi4vbNop8QT9Fg9fAUSoYbEZUY59dJVpndD3prrSb6Cx8Ip-JdnNcnA8dFZD7I2GUkn1UWvESN8aFvDvW6dRLD04ieGPf_IOgKPI1354HJUdZvwAufxKoNtg7MgCEhc85oC5tGu1Ha3rR5z3SeQg81qaMmA-lBMqb3q5CJDw1fpxrEQvCkwu-pja_ibGNU8ktljp88QxuQ-UcAsr2Aymhr3UGbI8ZTozA5AhR6G1e0HwwfEDQFN9iHswZmqdUHRqvDkiGSS9uewvu96meixVmT7RqpV5uf89Eh9Iv2_zU5lCSCgMMnHrVapfWdlsL0Tp2x1llfStTS3mKKY77u1FR9MDLxf0WIOVvT130ox_U5YKCaQUbYtDchVGPKSJsjYw4YHQDiNPoqcM5FJtNF36-AZT4TxOOvfUqU6gJdHEKigUxR48uzmJ76ZjqyKMWc1Me4ADdpn4CP9R75nG2EE-fehuPg9MJRE_xYOwwi8kPKs1Axo1r1RtOvDPh3BkGpuBov_ZVcCiICMz54Dclaf2XMBk_xpkyOWuGuHbKtx5hfZcJdp2vykG6_NArNh-v53fWK-7JUgJxsxZf9pv7d9-pbyBLLBESi1aAbwpczZ2L_97B8824TiSglqnY1HQdLCGa4iFgeQOhIn5cKP1TGP8avovQYgM300BbwwhFI5QP2ZVP0LQhlzmN9Uc-UWL1zWcf_uwfOt9XEXdS0g_ocDK3r61eYr5jsXujFmPDIhFyRZdE7pmhMAdiOi4Bpm5OHF7JyureResxP8i23VDNsncsmQwtTnq0aS3UvXAqmlJk929MZPHKCq1cBtb9O9xigRrRjZpyxu2Phlo_dWMBBqMEO89VxYZvRgAfSL3Qg77jgb-VsXR_GYcZ-wR4z-0TRwt6rJ3bIN3H0aIQ_Q-NveGdRqSNqCgg4hgrCPYfkB91hxDZjWsM9acsf4WCiTnlxpZ_qZhsg66PBogxM69NJee3bB9trNI6Q6tBiMK6D8uleu7w1LJVzmB8q9zlzhhMra8hET2ph-xXFGxI3cevKTDeOY2EX_geqK2iVtueQFFhVj0f8HAznvHDdH7kCG2rXUsCbO63Jl96fwD7wsGDcyHTmKOjCFlzX2gEMwpcyol5au5fPqfBURFDQzEIZIf8rhGLbvMM4dB9uBbX9FqBXZPMdd1Pd4PBgifWVl1RnX60M5ARt9TarLT2OSD1xwyxzIvppfDeF9XAdHJc0jlruWYppgrnE073VkVeFSkXH-uR27rhSYBHh6KFUYtmRn_vNdwhiB5-RB-0LPSkF2UXNZku7rwDVD20zjRPzItcXcXjb168J4-m0Ahlc-I34iWbIu957sUxCpLH5zrYaeA&sai=AMfl-YQ6XFcfq0op5vWZTfSNxT-RUfRCwgTrWY3yKYqoZxUi6QtS80Xnu5JRC3NJsSoGlCgTusgQBoi00uvKU-DJHIYGap5zW7oHue-SOvEq1cQHTgr52STWXWj7J3KKQq1w5ANcJeTdJwljVHPwqyPDWzyNw6Ezmhgq2EZV0yxD06kleCbCoB4ITgNn1uNzP7-PO9c-p7kmBuCMySVBUpiJqQBQ9p6h6YT3BiGe_S0DE6v0iW0Q5ajl6-PEfuP10JO1Vn4hLbo6xvzyoyz-0GdC6g&sig=Cg0ArKJSzKIBz_1Bl5EiEAE&uach_m=[UACH]&pr=67:0.136704&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1145&cbvp=1&cisv=r20231109.14262&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 18 Nov 2023 09:26:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
khaos.json
token.rubiconproject.com/ Frame DCD4 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
khaos.json
token.rubiconproject.com/ Frame B13B 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A49F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
153710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 14:44:45 GMT
expires
Fri, 15 Nov 2024 14:44:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 37BA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPODNS9haK5el5JUHJGyVII&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPODNS9haK5el5JUHJGyVII&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VTZjZklsRkYxUjRoQjE1&google_gid=CAESEPODNS9haK5el5JUHJGyVII&google_cver=1&google_push=AXcoOmTwdQFURJvaW1PRaXcNDSgJQjjtNLdQ2vCniafM174...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VTZjZklsRkYxUjRoQjE1&google_gid=CAESEPODNS9haK5el5JUHJGyVII&google_cver=1&google_push=AXcoOmTwdQFURJvaW1PRaXcNDSgJQjjtNLdQ2vCniafM1745um_BcLMtYiK8VIMg1YpYkufgOjG9ibCU5kW0egn2q8puQwht9_9X
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:34 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VTZjZklsRkYxUjRoQjE1&google_gid=CAESEPODNS9haK5el5JUHJGyVII&google_cver=1&google_push=AXcoOmTwdQFURJvaW1PRaXcNDSgJQjjtNLdQ2vCniafM1745um_BcLMtYiK8VIMg1YpYkufgOjG9ibCU5kW0egn2q8puQwht9_9X
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 37BA
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEMmrQp7-zv3swZlqEfALbaA&google_cver=1&google_push=AXcoOmTJFzYm0w-83Gown9LKDQlvRi8m0DyqOtlOazWEK0VHsBiHS4xXkQSEm-jBGcWu01F40MsMYtNYE5M2wTI40sjFhSFi7TfQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C18D828AD01465CA9B4276E35A499E0&google_push=AXcoOmTJFzYm0w-83Gown9LKDQlvRi8m0DyqOtlOazWEK0VHsBiHS4xXkQSEm-jBGcWu01F40MsMYtNYE5M2wTI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C18D828AD01465CA9B4276E35A499E0&google_push=AXcoOmTJFzYm0w-83Gown9LKDQlvRi8m0DyqOtlOazWEK0VHsBiHS4xXkQSEm-jBGcWu01F40MsMYtNYE5M2wTI40sjFhSFi7TfQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C18D828AD01465CA9B4276E35A499E0&google_push=AXcoOmTJFzYm0w-83Gown9LKDQlvRi8m0DyqOtlOazWEK0VHsBiHS4xXkQSEm-jBGcWu01F40MsMYtNYE5M2wTI40sjFhSFi7TfQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 09:26:35 GMT
pixel
cm.g.doubleclick.net/ Frame 37BA
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEDBUKbC1Hn3pLRmST-U0KQ8&google_cver=1&google_push=AXcoOmSsLKcsVszKZeWsa4X3XpyaahQ_9kOX93DQmhqVs4r_qdkHNMLBdoJYogau_xzuD5iOrVqONyz8puZdnOttWVhnkVl2mxo
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0JGOTk3OEJCQjAwNTA5QQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0JGOTk3OEJCQjAwNTA5QQ==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=N0JGOTk3OEJCQjAwNTA5QQ==
date
Sat, 18 Nov 2023 09:26:35 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 37BA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDlRlKn2-Uko9NS-kFcavRY&google_cver=1&google_push=AXcoOmSIfkTvZrA5nzSslxAOA0ZqqfQ2JH2Qf9Aw46mRKHPVUTDnHu5gyzgZlDEZDMcleXnk3BKnKMahOqpk-AeyHrvLM27...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSIfkTvZrA5nzSslxAOA0ZqqfQ2JH2Qf9Aw46mRKHPVUTDnHu5gyzgZlDEZDMcleXnk3BKnKMahOqpk-AeyHrvLM27nIQ1_&google_hm=eS1waDZOVlN0RTJwSDliTW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSIfkTvZrA5nzSslxAOA0ZqqfQ2JH2Qf9Aw46mRKHPVUTDnHu5gyzgZlDEZDMcleXnk3BKnKMahOqpk-AeyHrvLM27nIQ1_&google_hm=eS1waDZOVlN0RTJwSDliTWFSVTJGZkdiaWpEYUU5cXNpQ35B
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSIfkTvZrA5nzSslxAOA0ZqqfQ2JH2Qf9Aw46mRKHPVUTDnHu5gyzgZlDEZDMcleXnk3BKnKMahOqpk-AeyHrvLM27nIQ1_&google_hm=eS1waDZOVlN0RTJwSDliTWFSVTJGZkdiaWpEYUU5cXNpQ35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 37BA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAMKoNK_wmof8jyRJXMZr3A&google_cver=1&google_push=AXcoOmRlRqJmlNsO28WN5MNp1SZd1uojwL0yvojM4knkC4D1jjKS6mR2sN4XArenwz7DO9ggbnog7jFd...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIxNjgzNjgzMzgzOTkxNTYzNw&google_push=AXcoOmRlRqJmlNsO28WN5MNp1SZd1uojwL0yvojM4knkC4D1jjKS6mR2sN4XArenwz7DO9ggbnog7j...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIxNjgzNjgzMzgzOTkxNTYzNw&google_push=AXcoOmRlRqJmlNsO28WN5MNp1SZd1uojwL0yvojM4knkC4D1jjKS6mR2sN4XArenwz7DO9ggbnog7jFd3uaGt0qNFyiJInYrNCQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzIxNjgzNjgzMzgzOTkxNTYzNw&google_push=AXcoOmRlRqJmlNsO28WN5MNp1SZd1uojwL0yvojM4knkC4D1jjKS6mR2sN4XArenwz7DO9ggbnog7jFd3uaGt0qNFyiJInYrNCQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 37BA
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFEQoz_9XDmJPa1EGVeKg-E&google_cver=1&google_push=AXcoOmRZy-IRfC91Qm7ug9N5iJbFMVivBpgov9QO3XOZFFE7H0KNQurWgRNJqjgcOu4vNDftkbyFJLFzrLd1...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZy-IRfC91Qm7ug9N5iJbFMVivBpgov9QO3XOZFFE7H0KNQurWgRNJqjgcOu4vNDftkbyFJLFzrLd1RkdCKqPh9ec4Jshd
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZy-IRfC91Qm7ug9N5iJbFMVivBpgov9QO3XOZFFE7H0KNQurWgRNJqjgcOu4vNDftkbyFJLFzrLd1RkdCKqPh9ec4Jshd
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZy-IRfC91Qm7ug9N5iJbFMVivBpgov9QO3XOZFFE7H0KNQurWgRNJqjgcOu4vNDftkbyFJLFzrLd1RkdCKqPh9ec4Jshd
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
spacer.gif
an.yandex.ru/resource/ Frame 37BA
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEAwBoCsGQhD4qcMMpnB2LFg?ext-param=AXcoOmRdMEz7bO4ifnXbAjDWpZOmmdS3iwudX6maFs8ADw7xIosEzxVctYSX06DSUDcukp1awrZWFmYjy4eGTPatxr8xo-9B7yL8&partner-tag=yandex_ag&g...
  • https://an.yandex.ru/mapuid/google/CAESEAwBoCsGQhD4qcMMpnB2LFg?redir-setuniq=1&ext-param=AXcoOmRdMEz7bO4ifnXbAjDWpZOmmdS3iwudX6maFs8ADw7xIosEzxVctYSX06DSUDcukp1awrZWFmYjy4eGTPatxr8xo-9B7yL8&partner...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAwBoCsGQhD4qcMMpnB2LFg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
87.250.250.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 02 Nov 2024 09:26:35 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 37BA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDhOhmGt-U87VRcEfUQ2FF_YqPmAV3p6tdrVgcQa5Mc6iI20S7hhUjCD3V5DOwO28PjX2mHQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usync.html
eus.rubiconproject.com/ Frame 18B0 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Nov 2023 09:26:35 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1606 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42582
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
x-mark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		222 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/x-mark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
869732
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230027-FRA, cache-mxp6971-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"de-bFmB/Ch5GN9lTNmNzsBfBB/K8bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfAw9Bax4%2F73syU7fNBSljggQSmfGkze%2BiXJxBzgb2kjSoWG%2BBh89HgGLAA%2Fc0Csg7vDFYOcrB%2FBQDRj7zoViQKcKVVE%2F%2BvN0odWdkYj19IZVSIrpCvaWz2zV86g3NyTf9g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c37e96d24c0-ZRH
eye.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		455 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/eye.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1415173
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230079-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"1c7-2ihwUVPx/n1zQR+B36KY4usUiEA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCEQOvC%2FlUpe61B9b6Le4Lk8LumeddTNLe%2FGxxi2LxEI7wKpJ92xDI%2B0RovYJ%2BkABsu8D2NXkMF6OHa2oiP5dfisDCA%2BbPPQfPn%2B%2BWSnzwLn0tT1YBcfLRjum%2Faa9sdRRiQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c3809a524c0-ZRH
logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 		2 KB
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
x-amz-version-id
NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding
br
cf-cache-status
HIT
content-security-policy
script-src 'none'
x-amz-request-id
1HG26VK2E955E9SR
age
81836
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
fcAFiGc7xkEsxlb+DWpEIwvrzaMlQjjzOwaS51ktCUwXW9FShClJGiAKCjCzSCGH38gL+TuzSYI=
x-amz-meta-appname
folkd0612
last-modified
Mon, 20 Feb 2023 12:50:07 GMT
server
cloudflare
etag
W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
827f2c380eb7f0cf-CDG
x-mark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 		222 B
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/x-mark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
869732
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230027-FRA, cache-mxp6971-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"de-bFmB/Ch5GN9lTNmNzsBfBB/K8bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw%2FUeA7qshrH3MW%2FtAtSwHN%2FWINS1cMdDMTejBj7QqLgv3WUA2R7iStObIG7un5axiC%2F5bivAs1EHb4SI9uoGRPQEqr44W7bJCzfF6u95AV3CfhFkE1PKnc9aeDF2%2FJrYYY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c382a0524c0-ZRH
eye.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 		455 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/eye.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1415173
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230079-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"1c7-2ihwUVPx/n1zQR+B36KY4usUiEA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7Eh2%2FRzB0rAoqM4pH0sCIekuWmp3wlVnieWjC5R7JpXaYGtjFJl62%2BRYUtMLUVcSpBqxo2iNZJAVXCLiL2Bq4DhoBJC6Gvk5zzCB0B6NU8jVAZf8f2REMHqbvzeDnSHFIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
827f2c382a0724c0-ZRH
truncated
/ Frame AFD5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5f40e82dfbc8bfe6af96a333e046cfb5f8ba76d2b063710b53a1d091efe1c30

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/csimpr/ Frame B063 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=67903448&csi=nVns1X7T6pkIrGzeXynKVdZ_wxJV8HktN8WBowzf31oJDwKV3Zer3JrMinviHhcLLILTvGFWNWR7Lva6zBXTcQluELkyUlSoyrCoovN7mag1
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
khaos.json
token.rubiconproject.com/ Frame C981 		7 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
e401afd1-06ea-6f57-b9d3-2a5ad0c9c1fc
/
kinesis.us-east-1.amazonaws.com/ Frame FD3A 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
aab233cc3772e54f5dfc66356403103a47d84d9f0f7034e7fbb2c9ceed6e5e75

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0ca85ef6df197bb72a99ab3418627a0aa9402b97acbe67f828410c4594ae4478
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
d070bdc5ab9c6cc4fcd53f377f2254bbeef50e9f567ddc9e201a660b3eb8b196
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092635Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
e233b5e9-757a-294b-bfe1-3062a35987e0
Content-Length
133
x-amz-id-2
5ErsQV77WWq6hlOeKmsYi4m5rLms1k01c32j92WaMy1udDB0nlU9JU2QFFu9OuX9eCzIP70c3SoztM+O+6KvEiSqe1i0ODud
Content-Type
application/x-amz-json-1.1
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FD3A 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FD3A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstAQYwJlAH-7ZhhsV8xfNN6LcLlGgoKtLkcFuUGbUKZpAj0ckjAx9TkS9s1RHBiQIrPVxTRwR7PMVpFSPRh86oofh1riYnQ5ZB6B33y8fYttv9qdg_KjNoMi9l5LsFo_OjyVncS3OOfZWgR1tFZHBq7KMzpPVZdhoY8oBSd9eQUdW_KgZgVTpWutiKlq7mgRrnjd8JcZ9WEGpbZbDIrxZa0YXxD-I_1arb_bfH2vLgLhsY_81YXjWh8uOylijCexRk1KvpuKSrkdqq6W0vf2DMBbVwQfUb9fWUShlhZ2Th9-gxlGLJpfNHzveSHWea8sN0QMEg--Div7smiQKmP9num5Xr1lvbxR3MXhHfLHQtKTHeDDjG3JJ9F8O41_QvD8tEkZJguBhKXRGi3GwaYpdzLYPEpYHsEYAdu2gjVpgBuDbHwYSjRS5CMqchCKt-yW8TcYvd-7zIuOA_HVx5dhVSfIHydyrrn2-8t6E-7lOUXKqxG1vOxlrNS5fpt8zpUge2YC-NP9TufPmtDLblz7wR6VAeFAoL257K13pFrfWCuwyMvtMayNQJMq3iyXVSNTnAQJHJxL3KG3aHLOlyS9VCnQhPUE-64GJ2ZEIWe5z3LSzNUO8o2fUZW4Sm50vkGTNtloCbp8XARaNWGNDbx07VhER7qMUdOtfP1fWA67yQwBisOC2tFvIWeiei3uuNJuDih7U840dVWhz-afOYyohDwT85O2bi6x_mB8n6CFLgmZueYZgs7QGd1qRli3azQct4pvv_GnVDDntCb7EMf0oKHo-fPCsz9D7eH-QJHQHPDn21zTclyE8rp02CUQXWD0ktFSWqj7c1OsLQqiUgSsmsiIoLjHmjyfA0U7qicX7pyQxf_5Kc1E_YOhgxAGio4iuyhNXbVPfagjn-8vClkz9ZLIRXiDRQs0mxQkss2KTe4l47yPvmT0oLdSlPvCVkk8Y-RzrK-dYFx7TACU8DOXOcWSP3zTl3MtULfxVyM7bElVz2eyyFugCAP7xZFUI7SR7steCW9lbCmBijLgipnVPztqXZY4IHC2b_kfTjIbJhHAKGKKpU1CsxXQNI-Wdzfe69HRfx_8a88aqTsfXKDicUNqeJ1KsNQwt8rxmaHjUGDzM2HwIq_hoBw-0WCL_EEEEKIoLBBmVWObLGdzz7SoPrYBvO6i-Ymnft4IQq4iG21mSTKP9riWdP6bPnihXx_TdpLdqjDN8yAu1jRQDwOkwGk1pRSG6C7nlC4ZhG3nXB72ytrPMDLnvA4yPkQVFj1k2jj3JUubDfvSdgspR6E2BGXJkPv4hQxTnNOz6v2V__-Q6dZemNsnixEqEJkXCna_N0qPxm-dD1nCYydtv4y8bnfjKDqgzaqzLfx4bmC2_ejQkbrdxBraiGbTaminDf1oJqWSFg0Owqtdovoj5ao6p8jKusU4TMyEDTPwUBuCNcFqW-0EsS2&sai=AMfl-YQqXi-jaaRoQeeV-HvuWDZC-mGMu_lecxvmBqZlD-Ypu03TcG-HFDbDtg9eGO83KWyu6DsUCjB5LDelIwCzhmB8AvGaXyFcbsdMYuDokmSHJzVCngpxBnSYQ2coANKRJfkAQkLHKIPz53RLvZj-9AvO0zq-vDWozOgs7Y3BQHmTvGip6gk4z1NZpQe0C_eMuRJ8VSKhTJVqmo1_ejuIF1NEDmNxeXG1fkpzJP4xdyPVT7_j_f4ratCw4o2hu8d5WWmRpj_hU_w5iGTD5W55ZQ&sig=Cg0ArKJSzLV7eRkqq0X-EAE&uach_m=[UACH]&pr=67:0.119843&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2670&vt=11&dtpt=1057&dett=3&cstd=2669&cisv=r20231109.47346&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html
s0.2mdn.net/sadbundle/12403473053583933440/ Frame F0B8 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12403473053583933440/CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
8232c972bc1862b2d36987930a1a882a2150cedae28cb920c943834b2b6edeb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
61930
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 16:14:25 GMT
expires
Sat, 16 Nov 2024 16:14:25 GMT
last-modified
Mon, 16 Oct 2023 12:04:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame FD3A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3FoQRINYZfTcEM6OgQfoqr-YA4f0kpBc6Oum6fUEwI23ARABIABg9YXKgdwEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBIwCT9BsJ3jMmCyrp9Pg_uciZ5F0Jz8TMWqvZulB1Z_yBAnDg2gXDF_eKF2zYoeDWu23zhMUJTEnBjzH_va8dgh3930gJiZOmkFrIR5b_28nyZsCZRqvdYG-ymrhQ-2EcIEw4LosHsYN5qq_1D2Qci8jApfY6SU3YcqnaoWrMWIgXggNLZWYRq_k5cpKZLLLMUup_Vjutf_gY7sUBIKe5w69CY5i_0ddO1ZWccBFOMynxgR96jNmkb-4punAjGipE29I3swmpmmmbd7R9kSVPlA-IS8UYkWqQk21q8zkGc5ssO9ivPMexyrH1OrLsF4JMggx1hnwA3bhg72poZke0lzb97biIfZxYErIWUzcj-AEAYAGwoSuydaxqJVpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCLX54MedzYIDFU5H4AodaNUPM9AVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=xxFMmnFJNQM&uach_m=[UACH]&cid=CAQSPADICaaNVnxyhYCQ0XPYdJunIkR0EtmN7V3YLiIleQCobbY91tlsmyG_NmkbiI4qLnXoi7AHNHe7Xy_x_RgB&tpd=AGWhJmtB3aoQxYQ86KKYopZHxq5dzAeO_Ni1DTFvGdSVrTOulKdKDjxh_GEKmmJj8BYVRHQdKoPjmxKQMzAaEaiaXn1K5OSUb-pmXly1RxolbIk1QJ5RNy2i16Lk6TKp6W1eB19rOZC80SAy0FmaCJiDyAu_vuWw369OGO7bIeQPgEs7T68sGgCX1vj4IxJ-mVv6hU2YVjXjUIosMGC34GABQdK1DG9AI798lKgm-TJ1FuluiL-Ewk3eAARJwx7DLfMmICZ4FUbXx1RrbvT3lfsd2vzeoWVVURcmBelREgy9W1vciYM2DqOzbTbmjEiv31_RzmOyllSDLjstkEsI49BBeU8bP7ha73YvkMekueQP-5JwR52o-9DugB0IUGljg2L_gRnNpp5z2u9N2abFlBNTqNIfOTw39hw_kZyJlj4W7Sa21CM6fPMfC1q6UX5ZkTmRKUFlewesiCVEnxJR947aljtQF9OC4qXtDzpqG2BCDarXI4NQlgmuBMxXHbdKJpC9HXgeacV5c2Z_HUZC_ePdUFMiL7hab4RAtScAGH6dUPQGK7BQhve-8kjG4w9DPglmT1XMzeM3BBt7VS3eMwgAA6Jeqsod7eBRTVrBk8KJPj8jxkLVXRUt-W2U6cgluMb9IQAID5ZtZZEga4Yh0lo4E6b4At_7y1JRoW7i5HalmhFmge1AoqdRhL8YsR3S0NQkiFWkZgnOIZOEQx2fJfrqRgn4FXlMv9iNdRdP-lW3Yt3SkC6ujS5wCsou2FzMlBAX4ixL7g8BGEWfd7Y-6920bAECR_Q-&cbvp=2&vis=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ad-choices.svg
static.yieldmo.com/images/ Frame 9EEE 		699 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.yieldmo.com/images/ad-choices.svg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date
Fri, 17 Nov 2023 12:35:59 GMT
via
1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
age
75037
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
699
x-amz-meta-replication-status
COMPLETED
last-modified
Tue, 27 Oct 2015 18:00:31 GMT
server
AmazonS3
etag
"f5483cecc2fab32a508cf2b5e5b94abf"
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
private, max-age=86400
x-response-headers-policy
static-yieldmo-com_svg
x-amz-meta-version-id
smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges
bytes
x-amz-cf-id
BI1BcQwxE6Pc8XEY15oSC5Y8LeO6DVr6JQpYwE3KCQpn8sFfiyCsKQ==
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
151404956e95c45f664fa64aed55fecf36bd2ec62d827e88a9041c982fa4978a

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8a968ff20ea8760de22a14ea259650a1dd0fada7ca141d961f6651941439677c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
e0c471e1ba65d4db1600786f2f195c1390caa39618bc2a08ec5c738804061810
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092635Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
cf8bb9c5-04bc-054b-9259-3c4e748215c1
Content-Length
133
x-amz-id-2
4Ab/xY+0/oNJrKIL1R9vco43J0HAT4RDt5dmE8lf9HQWasdwjgZHRXk/HMwe4Wya1gsBrfVyct290H2G9OKRke2+Sgn0yZUz
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
d190ab3b-bb2b-97f7-8c42-2eb0cb15877d
usync.js
eus.rubiconproject.com/ Frame 18B0 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=eu&co=ch
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Nov 2023 09:11:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85506
Connection
keep-alive
Content-Length
13229
Expires
Sun, 19 Nov 2023 09:11:41 GMT
ionicons.ttf
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1499272922381x868922997266054100/ 		184 KB
185 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1499272922381x868922997266054100/ionicons.ttf
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/067cb34e674f83e7bff7f185f4cc96c6534b4704261009fb511a6267dfa55da7/folkd0612/live/index/xfalse/xfalse/run.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

Referer
https://folkd0612.bubbleapps.io/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
x-amz-version-id
xuz8RpJkqRZidkYFNofgAtkL0FYn15De
cf-cache-status
HIT
x-amz-request-id
NYZWGMM9MBYS65AM
age
1485205
x-amz-meta-app-version
test
x-amz-storage-class
INTELLIGENT_TIERING
content-length
188508
x-amz-id-2
meQG8/zsOfXGEC7Yku1zpPx0fbowppVzxekhAXKozNxNAdz43MOnRrajhv/09c0wJPhL0xBD/bk=
x-amz-meta-appname
bubbledemo
last-modified
Wed, 05 Jul 2017 16:42:03 GMT
server
cloudflare
etag
"dd4781d1acc57ba4c4808d1b44301201"
access-control-max-age
3000
access-control-allow-methods
GET, POST
content-type
application/x-font-ttf
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public,max-age=290304000
accept-ranges
bytes
cf-ray
827f2c39cb140204-ZRH
activeview
pagead2.googlesyndication.com/pcs/ Frame B063 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBIsCnAzlZIRrnwI5ngfhknh6-zVoirEk6KXg11bIlOqcp1PsbWjgxW-0rmLn1KvU_QL6hbAweZMpj9QZvrHTTdidHWrJtGciyE-Z9AYkxSnR1Z-UBCA&sig=Cg0ArKJSzGg-paL5jvYmEAE&id=lidar2&mcvt=1282&p=880,386,970,1114&mtos=1282,1282,1282,1282,1282&tos=1282,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=494828697&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700299588377&rpt=6065&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1CC5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
58617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:09:38 GMT
/
track.adform.net/csimpr/ Frame 6063 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=67903448&csi=CFIJaR9OsRM2JJXaOmGmdHfLT3DbGHcrN8WBowzf31oJDwKV3Zer3JrMinviHhcLHsH-B_DocD8o8fYJEaGzwgluELkyUlSoyrCoovN7mag1
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
e783fead-a0ac-1977-ba51-7b26b57af67c
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
49fd2920b43a2de02ced9a47027f47fbfd495a129a40718a737c4179e60dd98f

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b1efc0a0155d078adceb373e107e1bebb231388b6f3e718064031689c08eaf68
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
9c7a79894f5bde6407096c4759654b836ed1b3632a3877288d6a92598043d623
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092635Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
c4be8abd-0871-2c8a-996c-0f361da7c381
Content-Length
133
x-amz-id-2
ljZk4UFG+qcrhEHaJvey1J0clrkrlPpR0DkSbrndm4L5/boi58ISUk0nhjoX4Q8zzaCLdIF5UcTwWS2Y/TLoz8KadFk25V00
Content-Type
application/x-amz-json-1.1
adview
securepubads.g.doubleclick.net/pagead/ Frame B063 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CI0eoQoNYZaGDNrWQ1PIP5daAgAmH9JKQXOjrpun1BMCNtwEQASAAYPWFyoHcBIIBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgSMAk_QRa4CWZP5k9_tTzfChPZq1tUBKACUMg8Uzkegp_8dCyrAgolktU-Y_WQxGZ3GZ-vkJk1-Mw_f9Vu1UJb69c3YhYid8Hh9K7aXaqvHXlV4q39iZBrOJlTjGA7mtjnikX4uKohygYeLlN7mES8SBqcigKo7yYr-TlP-Ip82o4n0H_Cl_V4xuTa-h8Fkt0XhO5ZCvWRK4HnvqNUEBaHKIy3TguoNOVgFWcgGfz0UYqmp536U8k8EbaRAQd1GDOOfcPPN_jQRYG2oGO-yTcWQk8O9YYkjtq8rVv1zo-cOv1xyDnTgyJPwICGcvqNgG8rDel7f87NBBKLWeL61aNiXehx4DeQEmI2Rki8WNtngBAGABo_Qt8LdnaKLG6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAeINEwj1l4zHnc2CAxU1CFUIHWUrAJDQFQGAFwGyFxwKGhIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=a5dMq2FlHNA&uach_m=[UACH]&cid=CAQSPADICaaN7m1j4i6v2JIsRfepUwa8YWxncMKQNbU6UNTEyb-j9eX8MHmgPbIOcOJT-HPO5WeMc37R94DLBBgB&tpd=AGWhJmu7le5aYCNmnNEvNGLoMXFhVKbbEVWag9p7ySJisSVC85O8gnhVm9mJWjZ40y1MI4Q-_X0VuiTwKl42g3zksR4CBMrzulK4jm0y2lCSMSuU1fSbFzhjyl_5xu7APWSK8YByg3M6QCmsHzKO2PPg7A_R6RZN8q9Kj9XEJTH5C9CvCJdNZH7_zqiUPTkqqyIaUuOkA7m9ASAJZkE_TQAW3ZsqRNm3ypU1fiud0nwfVOSRXMHi1fPCKImpq3d4ZHOs1q5M6NoLX2cC83vTov_-A7h3Zz80QhvSAf7BLU7A2BrpdITYIskEzZAHZueKR5sy_tl964My2Oh3wTdNE1Bw7mVuxg2VRAbLzyCC53kbtohMyGcr0VS6S-K0ZB__FIkapaxUxJo2zNJa4bmMJ52iezZBrKRzqNxgi5CU4AWjv_pHofAHA-w_fuaqKUW1sGanqFv1TCIOfuXTk69BGf9LyMYpitmxL1ifLOUCTtBfW5IkDnKV0FUlCw-CFP2gPLIK7bXzkCQhQwZJSMQOvkSBfxgTkwVYJOj0mqsATPNYpG1ZWXnPEn7LLmOFFnQuJ7HqRegrjGceMplvO7CI_0QdeSCciFIaDFgbQ5IIvSlTZeuxR7KyEa6-LJHbUD6ZgFEgXt_XctF136HjIV_0g63ig3JpS4IxsihL-PxarTTsny5Zj2vnyTlWyG5v7ImWxVx_Tkgq0_PGDNl3j9Phv6zn8uMaxoPiqi2RpCnypIU0l_7KUKkmIk1z_7rRlLcKVvk&cbvp=2&vis=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
anchor
www.google.com/recaptcha/api2/ Frame 6CDB 		61 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=ad3usnoadv8t
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
020ac78f7f1ff25d10232c164747af7577310f15b678fa42cb72ff9a66ced18e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ywn8ObUeZSSDRs33-Ds4eQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ywn8ObUeZSSDRs33-Ds4eQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
f12aba9d-c574-3c46-acf8-3f1648e7fb19
/
kinesis.us-east-1.amazonaws.com/ Frame F7F0 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
4e302f8884baa257417fe26034562b90c6465e48828ec275e5271ab34b90ab19

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=bb87722e08a5c816529ffdc972bf9d3125e7fba5feaffc1c5827efc6088a0c31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
98e1de2df279b66b9fd0bd38c90f3b68fb78dc7508fec5bdaf5c8010c4d27dec
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092635Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
f73d9ec5-ea99-27cb-aaef-1b49670ae094
Content-Length
133
x-amz-id-2
UBrQNInMV7fiIP1X850oiuVRtOBZdgAu+zcQX0xJO7TAo5QvBARSNYbKVZxEXNqsFRavo1jmz+XGgwpTNj5RKTs1LrQdOq/H
Content-Type
application/x-amz-json-1.1
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F7F0 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F7F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSZFh9c4kuAxdu4yCQoAVZImofgmhiZxbyeKq86CN0mI-hYSjeOE03L5Vkjo65B9u1Yv0EXRBNEqOMaFjxy1t1in3ZyPGuigo3Znkr90GVWV1wN_btsVXB9s47Dy5YA5MR6fEgy_dXkuojayQ0XKO95MyzeKHi2TN2NMoa3OnD03de5Jmpd3DiX4c52XryZToM_UepWY2DkpFhrGPG9-JdRfdcs4IOmQHwWdJ3Nr5YU2EmoyttvfUAUwutV0gutlwA26-Uhoj9jAm6OdzwaKigOSXqRsqr8zyzPhGYL8ZoexG35Azaj3Z_qFfA5oJEe5aKdC_85Jz2TidHHKGCe93fBnMZFaqLcIGTNTDiEFG59TvMfMRqTBqxWH0YCI2wjKvtnuxpWQgKuWPlz2zF2yEyPd9-5rNASXWdAPLCGsSK6otzec5Pgc9KMU5RoQdjl4lQr-UC7WyvaFTDoVkjWF4UxiVI6z09OduuGBQ5btqG-Tdfenx4nXeRw544kxDfDI7ewlqfqntk26raG0krQcFZV7RF9Mrl9HZWHGyAj7-LuJNJvs6NctQNXYxOD25RzgB7RC5gCXy3zgxEuXlleSxxbaUT2Zat_bz5tFthb8648N98WYxp2UzU6S3PsrY1_Qbq-qioUiJ3d3T2mVz8Yc-U0wNsyDDPfhpKq3hIIjx3xyPFkCHdhKngBHES-1xj1Pn8ftJthHz-uOQ_5-LrRibN_5X-hq6ndls1NRz4WbZ0lV1m5yuedqLSxugI0w-ZlUjoFfzTzDBGD65l3fWHGUWTu7_2okZkNJIcx9yLFCgjafkHt3uZLIPpdENFhXuxFh2cCapQJhy1vIdfRyGsh9-c9OmnQrsICipSzfTysPxXfo8zsZaZCRk7wmSYIGbmtjcmvZ9w3dAiAmhoXXfpndp2BxtoFWatyWo-e6chRBwXfVD4psMHUtl3VX5lOrZ6aGuCsuxuYfj8znkTnztLWE9MWZ5b-8QQPLoPEBANyPlm0upfDx3A9YR7YIbcQZYrl1Kzp1GxgFkcJ15k6D5Mdjwheq9BtdfCFpyDSGSrA55JkvUReW_67yYyBorfKmBIzYZ0umwIK92Ar1KlGQKpBn51j89IjKcoJBv3ijvwlAuugvDwsz7dXI1BZukHzzwUt1Urzezu6Z7lTZWjdVzOfs3OJ_be48r6athJSmi_NJibgi86X10TobY58dIV7ycHf62PJ308dzYHqJeaQOYGhAu19B2RGPUuJanDKGuAuVFS04CJr1MaXhDteuHaRyDiSoo3Pam6a7O-jsQ63OB_RNOo5WkG17HV_v22_m_ZPmoLoS8mUn4_RyL9bXeGxJXT4my6lLpoZzfITM5y3SiKhGYqZqBR8KEteCBU_gqiIs7OmhU3HEbwA802W0ZwlB_9b25sHdlsnJ9WRF5siilZ62bmFiy5UQTrRprouh7JfQ&sai=AMfl-YQjF89dXy2ZE1nRuxuUPwLClstT0OYvJZYnQknGIcOS-v3Fv5mI5gQQJNYPanNsgJ0pn0WgX7fRTeIrRFsicy6faJbpfvFjcgOSsKiNq9dWRZLbG7GdJ4vG0l3E3WAC9UHijsoiBTOCbEVmv3NZa7-yL7xywMRo03UIAQCs8KypKExWrgwtt49PYVjVwC8Bgb8q_N7oZjsrKs1vEkJML9nd1ozkv7Uya-UCec4xtShYkwwReJZCKAkYJGDL3IgFCkwLLn4y9CRzTPAk4hzGwg&sig=Cg0ArKJSzCtEI7KiHx3ZEAE&uach_m=[UACH]&pr=67:0.119843&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2794&vt=11&dtpt=1262&dett=3&cstd=2794&cisv=r20231109.88894&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH_DE_Price_Gold-1-ENCH-728x90-638330544809535212-9013d0e8-9e15-487f-a049-f6d6eac29397.html
s0.2mdn.net/sadbundle/4861987547447820288/ Frame FB58 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4861987547447820288/CH_DE_Price_Gold-1-ENCH-728x90-638330544809535212-9013d0e8-9e15-487f-a049-f6d6eac29397.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
af1616f03e1a76410339d17afa4d0089529489a909ceddd37f4731ef5347d7ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
65176
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 15:20:19 GMT
expires
Sat, 16 Nov 2024 15:20:19 GMT
last-modified
Mon, 16 Oct 2023 12:01:31 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame F7F0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4BLIRINYZa-rEf2G1PIPmIeGoAqH9JKQXOjrpun1BMCNtwEQASAAYPWFyoHcBIIBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgSMAk_QhNBLGckn6gwzCLxCBXCYD-r7D1GG2613Ba7SeOE0oDkJ0ZzDIeraDecOnUvEPyne6ZJz9dsmoFmyjFMquD50p-lI_3G_eYRv1YKzRBNJQuQEHVrEF-oFXgFc321KBwQcJ325Z1pOIF9vBGRRfGqSzhGKa1zMydXZgF4967AObvwwX_8upI04KZ30RNckIuP25z4hILeuFvN0LTGFcV_sJV6SA-zn95nFMAEO9deBgWXY-XIWuxLgiAk_xmT9sgi5_kc0Q2fuCUYpn2IhJ1G5eK5ywk-VV52Lm7fhXPdDI40OZG5T1iYbS4EfuHf8RSiK9TeWnlRqnNal8bV8OkdbrIlFJr0d66wPNa_gBAGABsKErsnWsaiVaaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAeINEwilxOHHnc2CAxV9A1UIHZiDAaTQFQGAFwGyFxwKGhIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=HC3bkWPhqxg&uach_m=[UACH]&cid=CAQSPADICaaNbomlwSFxbuZhWqxurbkOPrfS819U3QqOBgw6GMi4ZC2n5IxJ6SgNRgnHWeZqtd6MoL0jtOS9axgB&tpd=AGWhJmuzFAd_6-yb40LLBx6sQiEt0qXRQW1AhSOr91qYPGAbz6bLjEPUdBo0q_m7ybNJkxoo26rPSOf5K2ZKvuHtV7WHSXeqk7HyT3maRaaryc-WPbfPQijhvagYzBQdIslw7qTq0uCO1MY2mYysYHwPC2lJoUWAsjGq-YtZiiSh-4JwonH78jsMZZGJKodxMIsKwdYuxLA1r-eO9Ye0GkjG3kQGEYpgv_mi5Oeo2y_124V0LLSL0J9ItlyPXpV0L19k0q-p6_N1QIGsHbnTMELV9cEuh4QydOAVj-qQz47Lbe9qRO_w0ybtNifBQz-0Jg_ih9IZNeOCI9xzl1KPK6TKHi1yjvE6Rr_BWa-qHADh_Zf7SE6bw40CDbkD-xqPwkMf3vhxpJy21bTrWLlIQJUMQ7yQh5n3FbGLnyyZ-c2VX310QGgaaE9yyYc6ZikKmKbEJ2UsRFT-e6qEnTSOwhOwdtRVkTOWc-mu1421RURnOM1arzv4wfODlBxMIES6oBpS69onRE2bn-fdOOk17Yrk4lByF4C8JkROHMQUIIV55FQIOPaAQ0zt9gj3H4JthAm6idmprIx9tl_aZSSCI0RV29mJ3u4uijxGhRRpl6XZRcNwEjHWipSci5a1l-qyLh0-PXVICiEvo3komAqKmpA3FjRnf8ZuGHispAk2xMB9GOFTsvj9JRc3ig65qv7HTBajOTbusTLoiT9ytnbJFUVBSnRtl8Lg3hq_lOqBSnOMCa7KnY6TCUbRgl1-TrUO8vDaa3iqFkACSG7nDf-6OWR1KtOmVoPy&cbvp=2&vis=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
fb78875c-f795-c575-a6aa-02d727aefa16
/
kinesis.us-east-1.amazonaws.com/ Frame C9B3 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
79279097afd1b8895450cdd6b54654852622d309ece138d4fed87f0fe5ab9f92

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ab62e6232cfa76d05a8400c176fd00e6ca05887aec98fea7a8e294b38c69fe73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
6d418899ba969a519ab115987eb8de4d0c42e8b4145cfd78cb1fdb03b91dc0de
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092635Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
d21e0b26-11fe-adaf-8fcc-8eaac1c592cc
Content-Length
133
x-amz-id-2
WJ4jeugFDmSSUPVLq5Iv2iLcxbydOw6sgALBYIAqTOe2illHPcw37snEvWca41RNLvmZd3jPT11GoEm8spkJ96twReYo9V4F
Content-Type
application/x-amz-json-1.1
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C9B3 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C9B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1JvOLCUwiVw5PxZIlPYFDNRJM7_QpjhsuFwxABXz0AAusS6ibkgIRVQNurOU6AlEm60GxXTtfrTWnaNaAUOwu2sOPZVQ8oxi8-0e2ZTSp6YP5f0Lqxfo722kq8cie8KmFmVQxFgDEyKEzX3fL0dZPYzfNjuDnW_1RtxmtCHwIR0PdaLxLvhDJ4a1uaRSNs-j6ZnEXchVl53Yxnd9qV5vLiF3ymGlBVhu34NreH3Npt8QDAaTuXl9408IKVmHx3-A_hacj96St-QNIAZbtU_hP_EUENxxqPDQSOcseg7ePebuOKCA7RwqOyjN9tBXOKzCI7fjDSizG_Kaj9ehDBuJnFnvhicNyVYGV8ntpa0x6By8Hi_HpncRPD5kVTev54kCAiP_YfRccLWwSxrsZEhm_sTSL4AtaJScXtGvQ7owZZRAxrJwgKbl_agTQjudQSbN1HOizPJwdPAuC6mfxLFwUd78ypN9nJ3ZLfD_63UnRxYnJ4zvYtLrnouT6eIV4xz9oQk3gHowoIRe5s6rmUB4YLOUItxppVL1yIM5PQ3ym6X-quWFlsSRclvTBh10fQ9ilzYXpgOtxVnzAowWwYob0YXMvBQZp2568PEmP_cDQv3D5ibj8c_R2YNfuHXBwc0t5DWZ-vAcRYmPRWixKDJHhvZBhNTLI7mt4DFYrANa1dIU9dcz4EcAIiGShYJEA386vnI3-LeA3biuGMp_oFrnzuXGiC0TsALlQbni9F-eSf7PEHBysgijWEvsw7Mb4AmXHZ26yQgqH0VTdhP4t-HGhtXM3lOVtQQ7nCF2gKctGy39iIQAJa2XpASb347Usn7EYO7u6bOL3h4aL-xr9hPfs6nz8kaTLaqkIIIYeoo7M-__KtcZcnWCDX8Eg0F29tC6PSJhEphiWjoWbtI4YLaquW24-KWaRWzr1DQ-KYNgurdzWjB6QfBq4eMdhU55Cyw-dpRlHDRvwxEpaEHrs6KYyqBg5Efx2aU4ZWL9FIh-3vJSGL-9I0hQ4kl6NaN1hTwWeVNfx_Ouubfj4h4WOZdHdecCdjQ930G_Ye8H7Rz0mxmnm65WFW2qj-YrWgEPeoSYJ8BAIVPuO7gpalpP-dHWKxtCFdUi5w_qVkMBcSVWRXGjm2bx8KRYUkPc9mqUok2E4FPH3T4H1FeXxOG4itlmTEBkBuQ_CjjShsCBv-_sZAY0rRO1Lxp-VRY3nOKBHFPaKRUlmnrco1LB95DHEHM5PisrxCrVlSQdx2h3GEJ3R6SARf3rQTXbe4XEnkaZI5IMqyho67oW7dck0fz_uRyd-APsVElEqFXUxX7C6LEsnIcQn8CKfoY0ZkMiNi0E6QDsHfklyHvgNJuHDx0lukQSJ64LyNtfa8MFb7ceswRg9q9YNx0hUSyAwCk-bX14wbl2VtfeyoBEQfrJyt3k06Q_XBYpMDYWWOMoJZniyC6FJyWFzIlmj&sai=AMfl-YTAjo-tt1K1ZqEz5P9GC1pGy8ssW5FZR3BwjEGeHjkaPLhTWML5Ql1rlcJ3c5i0t7d3MxwcmclqK2qWwtfqHH_8TtVeZM6gkoUOaTNdn9gQoEQgo8znJXUIpUeAXAsBw20G8eXqR9uARp83R9fmDj_qVxgdDbN8l23WPjk6bkSUjDTYIfrWpDLrNwtqsWP7tSJu3Cl_CJrEAu6442nFYczy_R40Yi79Nq-pbYnyTsaIvCcRAeWibkqwp2zNw-qy4Z1jBn9yJrE6-iBSEwLcYA&sig=Cg0ArKJSzDroAVUcNdRGEAE&uach_m=[UACH]&pr=67:0.136704&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2742&vt=11&dtpt=1294&dett=3&cstd=2742&cisv=r20231109.51945&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html
s0.2mdn.net/sadbundle/18180890864186818560/ Frame 017E 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18180890864186818560/CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
18ae936e604734bfd85ff6326793899e161dcbcc0d77a2965f8c0987d3a92276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
133859
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 20:15:36 GMT
expires
Fri, 15 Nov 2024 20:15:36 GMT
last-modified
Mon, 16 Oct 2023 12:02:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame C9B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6zyFRINYZcngEJSp1PIPhYqjSIf0kpBc6Oum6fUEwI23ARABIABg9YXKgdwEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBIwCT9CB7_qXVeBHkqVLxooqFgc85DLJYoTKBI_ZnwrYntNsVuHWKeWvY-NmRygA5kA7Z0yMnzGj_y-5duJs3sa5vkEjQ9LuqUEPuDpXt76olWPR-YE0aJS5RSTxlXiud8x4P0wq9SfK6-w0T9r3BwNtzZn446k3kE58x8uwUbKUCtX1bWHYB5w8LBKf5t6JV0REZMDKB-5IJ7yzV3tbVowmtgJxhC7la0t5r0HfB2BjerNtXcxpkeh7L_6bjemZpDhfCmIJ2YUSM75ZGzItGrCtYjRIcKmwcS9YSeJfV6FSrWK8DG-1jP91zAdeurCD5lad9wcUadgIQPlnOiC4L7pLqYD6WZRg_LoDTtcT-eAEAYAGwoSuydaxqJVpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCIj34MedzYIDFZQUVQgdBcUICdAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=pns-SNySAu8&uach_m=[UACH]&cid=CAQSPADICaaNS5ERVsX_MF5hBChFwGUSErqfkA29y3yczqOHR3eO_0pBf_LSTI-RRgY3LuPQyWcbTwRP4hn81hgB&tpd=AGWhJmuyB5SRe1oDojaEtvBN2-f3hLmw1-vrV0KmYxCDN_e8H4Jdxrf35Zsekjx0sk00TrvoQbrJo97IDQGyy6hg55xU0PsTHqu6N0eAh6NCzf86ge-mQ-MVuZI68IKEQAo6_vRV32rqztOcZcaQVNC4w16C4xOeJLnwRTPglqKnuAfk_UpJHa7aGyFJV1nwT_sOS1rA7kpbn5jJpiEc0DJ78U_h4eI7cFhKBJO6ja_t4uIF2zbOVPOZPiWVjGHu5eDsKOKug0dUVhTAPBhEQrClEDjvEW2hOgJjsmxmbuoqKiJJlu8Nr48LGvKtBpKG22bV05AkCHLYjcOX4M6sf_rCBy_w-5WsQHGqk1id0wQNsODdVhTx4lmjNEhyXoJje_ft_TUiGIqw-pXPGDbQ5Wdp10iKzK9cSCW6nr2_nl0hCwLubczwhdW9HYx5tpYgYEcxgf4TIUsXWvpsJtML_NCVT3o1ideso6kFzUf89ujmsr6-Bwukqc2eEcnah8Ys5-SHtG0KNom13HVo9Z_7fW6isha35XAJo7bEbCsCx8UVJMgkThtkAT1mTZehcX2VgisGSqG7Fxo26p8IcC3MJMO4qDn_4Xn0VkMz6oK9oKbCIGwpi-guwHz460TzA_a35xGQQt68pY0lLtNBf_8qm6AmtWOBCT9ZMseIQNKE4124jUk5VMaf0N70YIKq4Zh0zY7AzWhkgNN63r5MtKlkeLA2dIsFH3janT9gs4qCDfCF7mqm-zJXYTCikDpoHVTzJDbY58GdZlJg5D2Uwo-3V2LtNSdz8cY&cbvp=2&vis=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
frg
folkd.com/ 		5 B
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://folkd.com/frg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Fiber-ID
1700299595881x674308314554607100
X-Bubble-PL
1700299583072x669
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwMjk5NTgzfQ.5YJFcOdi4ajlFBqM_APR1BqM4pt1FL3JmqJsfDSf0JM
X-Bubble-Breaking-Revision
5

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":15.8,"percents":{"top":{"bubble_cpu":20.3,"block":76.4,"capacity_rl":0,"other_pause":0,"pre_fiber":3.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":39.2,"fiber_queue":3.6,"capacity_wait":23}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":481375}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.007 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::z287l-1700299595899-596dfcfbc0ec
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUiIqmhzeLpIw1tly5YA0PkbsrGLmUBMlTTr6pnb7QBRFT%2BehYJQAzcBv1XGar7YksvTHMKfgEqUEk%2FtZXZRXFwE%2B8ydXZykHNjnrxBZHtoSAVPEEKRm5%2F0%2BcQwzxAUvc3lh5KerVerNRnwJ5toEwojcVaGM1EfOff9aDpQ54VIHOTfDow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
16
cache-control
no-cache
cf-ray
827f2c3a7c069bd0-FRA
x-bubble-capacity-limit
0 ms slower
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame FD3A 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
3420
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:29:35 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:35 GMT
x-amzn-RequestId
d609753b-3578-41d7-8bdb-f0b0e35bef7c
/
kinesis.us-east-1.amazonaws.com/ Frame DEB4 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
e626286c5e914523ae2f9ca2d5a015f33783fd2a9243cc94feaef6a6d30d1fcd

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=53c2af6964f98182a0e4d07d6ec8cc0dada87a9cff246ad67d559dfad514eb64
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
e8f3727580ec38587954ab7d5f53e4158b7fc530c19331f2f7f25b95fe6248a3
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092635Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
c1ed19f8-b80b-3417-9c3f-9c74addddb1c
Content-Length
133
x-amz-id-2
iPDTZaFylyFx1qi3L9DdbEbD1utqMWnbmXT1dSkxG3fNPEyk7fLVU2ee919pGsMQ/vM7KkP5B57dlFCQVZq6wTpqBGDDtoCh
Content-Type
application/x-amz-json-1.1
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DEB4 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DEB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_QgcUN2jR2qbIRGxnTF4CtpFZKIHAdHmYvxt01NHAD6VI3px1_9FomKfbkP4_cwZyufH_X608TmIEfVqXH-k9HSA1nX6UTp-S6jDHDKW2szrFJG1iCplBAsm5FkpCH80O2Tu8agDlB9I56rjEP2k9PGlwcmQtRX7vt6H1udLTCe9PYnQybAV41KCLEyiZZfeeDDMsPop0Pe9sWVFmAjNHj4ys7fe0GIl0KkMsw1ZZwifsmQ7LKMQQ40pmyApFA4pieHYAGQ_4Fvh1xi8tNN4Pb6we58GW5O_0cWH63yu5_PYxYntp696vPJij1FCIcPBuGQ7totec_-qIo3bt3gHWJnYwezL1AaD_iBBgMjEAL-f4co4WnnhHnOdRcpRVLjdG0O4QqMxCg3MjZHQr63G7HcFM4Tg5RkvMQ_GS95aq3WmmM07RVim6sBhjbYNhhX9q2wAuzFnQzrQscdEUIKnM5yxOlhk_D5ZZLA_FN8Ojf5HMQNQ0CUs5S87grCm-doBZiKtQ8AKi6Keh8fCS0WDmy-bE6g1tJnU0juodpjXDhLgs_JQ5Uy4jd3lstSd1OYYucQLWFphINjE7Mis3TuukR-4GSIJysbNq6Q87K3HjVAOKJHXn4krczm3LIJDKdu6kAb3d8aMBB0LB0myFZJ60giL--ustnxwaqfxSTEm6ocshjCqU-mLo6ZCBGUY6-fwojGjTEY6nn5SJGcqdAe9UJ4LjpCV50RZmJKQxwAUzD6HwSRgW2MUWnObz5SIjSkGReTUGqaa1eJB72HO-DcbQcPBMHGEciDYa7bC0_lxL2XiqAyt235BRu9-5U_M2ILR0AzADF310qCFRXhdD-dgo3qj0UBnpeG2vla5Au6327sFi0cPunmVkSh17ICASCqXq3WRYRjgy3eFX03WeDtYZYG3qlsxn6ztcx4QmhV4rUBwTiazCfEskXyeJQE7XI51XPkcXLDn_DsdAm6sLH44G9yDM61F38WxLVhBZ375KBdLnd-4z4czsNy5Ar-AkdJjtYEz9XByMEeC-91Not5gV0EOvLVg3rFdiburgePb80eNn-txoUahrkq-l2wl9eIZ-ISa7Cgtl1R_3yd15by7dFUttZ2PeBF5gbt-aykAb1QLqQQL4e0EOPXRANsWLCUhCmSfL7AyNS_G9P1_eFguSvmdWUlfEsGMT6u-IGZW9yBcILvBTAAwaASQ5qHiKKXhDqQpPMfTWaOdmbdZNNDALUPEZ6LEJFcbCiSxpY5oUZtyh7ItLFaB-Zp_D0O-MVPpm-sTLraTsxtVxz1qHGt3nMFjFLOoO7pSSJnUzvr00L9FbfSoePwdi5oLlJo5s3FRVES3_x4TNlVCYzxdnadg1DS8Pa4Pn8CDpHIV1pF-cAneUvQAX7RNTAAIyHH3mo6IXWSTbSnBDGIfenDcRycPPOEqAi5OHEy6BwgokyXZ1GMCzE5k3XQ&sai=AMfl-YQmStbgj298iCaXnwj25t4ythrDPwKDFEsr22stG70XXTX_zp14UgCm-XK_s8wwES51U9NIdkEDgOJmD_DHARHET65JV2mFRRGG2jv2nucpkiHDcyylZjw_qh6e1ONpuXj2qJ4I_JuFj8xBY290_mHPbXSLpe99_YdVxdcsRX83WQiOVTgVPF3Rwa5AEM95b7cX3IgnhHGpl2kavI_WYykLhzu-149vnAi7tWs2orRtzV3hs2JuX0WEALvtzhok4Dm65DaA8MWBGGaRUl6uUA&sig=Cg0ArKJSzGQzfOfQp9-1EAE&uach_m=%5BUACH%5D&pr=67:0.119843&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2352&vt=11&dtpt=1283&dett=3&cstd=2352&cisv=r20231109.45658&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html
s0.2mdn.net/sadbundle/12403473053583933440/ Frame 20F0 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12403473053583933440/CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
8232c972bc1862b2d36987930a1a882a2150cedae28cb920c943834b2b6edeb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
61930
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 16:14:25 GMT
expires
Sat, 16 Nov 2024 16:14:25 GMT
last-modified
Mon, 16 Oct 2023 12:04:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame DEB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLdC0RINYZZLXEIHWgAeCpZeIC4f0kpBc6Oum6fUEwI23ARABIABg9YXKgdwEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBIwCT9A0DJODsVe9jYWy9h1bVoZ0Qv-DaZkP1vg1hyqSmCEUKK6ZWt3PsxQoqRVM56mrJx7TSAsuci20cwWt_4eX49R5FXc48g50AYvL7H1d86ZHM_TQlN8AgeBZhdvwpZVdiXq-bYfS6hdsAakksqSaSyvg7msFgADbYwloLliaTBGi9gBlzb571AmnYPuy574AHjrt18T3tUUaeexneGI9HL0djZHYQ83i5zFDcx4Fs9k1yL87vhfHWpsimlVzB9zMMAEeb6LGDTvSwl7rjmxiW4q-LA89zuHCsgK3RB-2oP6VXxFUOm0Oz99xucRrEjZhXehttftjDn0Jv2K0hVGa1XfLRraMLrSnB3pt8OAEAYAGwoSuydaxqJVpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCMDv4MedzYIDFQEr4AodgtIFsdAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=qzYYTsyDUsg&uach_m=[UACH]&cid=CAQSPADICaaNvIUsHzyvfEymI0J_nXeeVkhnUF20mOJQ7R6zIupUsS-WlWM3aF9JK7bamopymR8t09-NYNWMpBgB&tpd=AGWhJmtwhDviVbo-BgvDkI1oK04ituTDsc--tus3R1bcIBnVhyyTgtColpPnDOHpRFgQ7gqQtT92zmdXR7rWG4axIz97-d2mSmYGPB15lBXKKDtttKmh30aOU_HyM6EV-D1_8fvsPV6KVOeZ7FuZguPZ0pTfA3fiGgY8iS8k96OSy-U9YDkH_YG17icV7fXSW34Hyg45ckzfo_kJHKuj9nP-6--81kql9OIjhXiWHLOoHzXW9z3tWuqKIr89dA634zgzERUA_6FC3RxomvEfQcmOtkejKjqbuIW8kVfpi6Iwfkc-zAmEY4SkXkP0jnqCi31WW1rk0bsm_AzLrLfc34T78lIYvbOfZi60xOkjVL2dEYogp1aS70N75RYtEKHk_Oj_H5z1wqffjqy92pFu_wwqyzcxMG31f6k6m2eWKtexLU4HD9HCSbDH3wQh6XBY50i6-opl9i1zjdk7VcJyjR79NWkIz_nAlIr1yvokdcwhPI6krVBDn0w9QAy2f2ngPEMMZO7-HUNy3rQ1nGHXIHiNN_VQeHN4HnQZI70MYZRe6sevnSkBc0aH2VQcfVSLKK5E5HXGWSxpZmIdoko5Wqzt34BTU4Y6Rmq7i8dK9JZHm-j6bMhXhk4CuntGe0e_p4lh-aL45XFK8mzNHht6BUuQ2gP6pWxqf40qC8z4b5ytmivvdzIfiooGbDRSC0bUxyn4Ju5m32bqCwMpP9-FeaFhI9cw2GGXdYYBsQg0pB82RLrzP4e1W10-J-7YvPj2BTMz8Si5wGf7nncX7QLR9K0BUshmxOGj&cbvp=2&vis=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame DA2A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
58617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:09:38 GMT
pixel
cm.g.doubleclick.net/ Frame DCD4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWI4NzliMTFhOGRmMzJhZjUwMGM3NGIxODdmMDA1MGFkMjIyYTgzNg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWI4NzliMTFhOGRmMzJhZjUwMGM3NGIxODdmMDA1MGFkMjIyYTgzNg&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWI4NzliMTFhOGRmMzJhZjUwMGM3NGIxODdmMDA1MGFkMjIyYTgzNg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame DCD4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP3UH1V1-21-638U&gdpr=0
0
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 68A68E8C3973408D9F0330353AF6F5F5 Ref B: GVA30EDGE0119 Ref C: 2023-11-18T09:26:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKadl3dMx307yXjg7heQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP3UH1V1-21-638U&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DCD4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEKOoATOO-vYRYYJsibzkgdI&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAzVUgxVjEtMjEtNjM4VQ==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
tap.php
pixel.rubiconproject.com/ Frame DCD4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMbXU6sbdZfdGYRDnzzzEnU&google_cver=1
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMbXU6sbdZfdGYRDnzzzEnU&google_cver=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMbXU6sbdZfdGYRDnzzzEnU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DCD4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MaK9BcumToyKKm2JLvvrFw&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MaK9BcumToyKKm2JLvvrFw&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MaK9BcumToyKKm2JLvvrFw&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CF9SJS6Y79F5N22RF7QJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=MaK9BcumToyKKm2JLvvrFw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DCD4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/17haR8BQImWxB4fcK1O2Ssn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wrPSjVdE2oJPztRd8ZQ1pzicjskQ4CBswkUwjQ--~A
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wrPSjVdE2oJPztRd8ZQ1pzicjskQ4CBswkUwjQ--~A
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 18 Nov 2023 09:26:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-wrPSjVdE2oJPztRd8ZQ1pzicjskQ4CBswkUwjQ--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame DCD4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xa_jhoZLTka1TykPvw3klQ&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xa_jhoZLTka1TykPvw3klQ&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xa_jhoZLTka1TykPvw3klQ&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YZSY17YTHA6FAVS8T0D5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=xa_jhoZLTka1TykPvw3klQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DCD4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LP3UH1V1-21-638U&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LP3UH1V1-21-638U&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q3RM6EES25FJX5A0E3C8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LP3UH1V1-21-638U&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
rubicon
match.adsrvr.org/track/cmf/ Frame DCD4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame DCD4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABcLU7KsQcAABQNiJcdwQ&expires=30&gdpr=0
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABcLU7KsQcAABQNiJcdwQ&expires=30&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABcLU7KsQcAABQNiJcdwQ&expires=30&gdpr=0
Date
Sat, 18 Nov 2023 09:26:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame DCD4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP3UH1V1-21-638U&redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP3UH1V1-21-638U&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1RdkdsSDh4RTJ1RWt5cWZmQUI3Vk5ZQk54RVBRTnQ0R35B&gdpr=0&ovsid=LP3UH1V1-21-638U&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1RdkdsSDh4RTJ1RWt5cWZmQUI3Vk5ZQk54RVBRTnQ0R35B&gdpr=0&ovsid=LP3UH1V1-21-638U&dpid=58160
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
2.22.242.10 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-242-10.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 18 Nov 2023 09:26:36 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Sat, 18 Nov 2023 09:26:36 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1RdkdsSDh4RTJ1RWt5cWZmQUI3Vk5ZQk54RVBRTnQ0R35B&gdpr=0&ovsid=LP3UH1V1-21-638U&dpid=58160
date
Sat, 18 Nov 2023 09:26:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame DCD4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://prebid.a-mo.net/setuid/magnite?uid=LP3UH1V1-21-638U&gdpr=0
0
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
liveCS.php
live.primis.tech/live/ Frame DCD4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP3UH1V1-21-638U&gdpr=0
0
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-122.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
IIITE0l7KkMNZ2lKWTYeOw-g0FNZFJOMnnvaaStK2muN5UMSWvDPVQ==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame DCD4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP3UH1V1-21-638U&gdpr=0
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP3UH1V1-21-638U&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
ib.adnxs.com/prebid/ Frame DCD4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
an-x-request-uuid
ae42c78b-42ff-4910-9cb9-50ddfdf66c82
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
82.197.161.4; 82.197.161.4; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
merge
ce.lijit.com/ Frame DCD4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LP3UH1V1-21-638U&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LP3UH1V1-21-638U&gdpr=0&dnr=1
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LP3UH1V1-21-638U&gdpr=0&dnr=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Nov 2023 09:26:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LP3UH1V1-21-638U&gdpr=0&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
13004046.js
s1.adform.net/Banners/Elements/Files/2135726/13004046/ Frame F44B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2135726/13004046/13004046.js?ADFassetID=13004046&bv=257
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b20bc5329149e6637212eaf6266a9c94caf7656ba8cb4c95578fa6b11b43f9ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2023 14:48:52 GMT
server
nginx
x-amz-request-id
tx000009ca6907604149055-00654f1947-3295f919-default
etag
W/"89cd79f2fe79c8114d5504d943c51189"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame B063 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
3420
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:29:35 GMT
tap.php
pixel.rubiconproject.com/ Frame B13B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f6b8bdba-2eaf-4914-82cf-9030d4a5ff98&expires=30&gdpr=0
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f6b8bdba-2eaf-4914-82cf-9030d4a5ff98&expires=30&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=f6b8bdba-2eaf-4914-82cf-9030d4a5ff98&expires=30&gdpr=0
Date
Sat, 18 Nov 2023 09:26:36 GMT
Connection
keep-alive
X-CI-RTID
880675b3-ce13-4c4d-9d43-a64e5dcaba67
Content-Length
155
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame B13B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP3UH1V1-21-638U&gdpr=0
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
3.122.6.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-6-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
capi.connatix.com/us/ Frame B13B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LP3UH1V1-21-638U&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
  • https://capi.connatix.com/us/pixel?puid=LP3UH1V1-21-638U&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LP3UH1V1-21-638U&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
827f2c3e79890200-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 18 Nov 2023 09:26:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LP3UH1V1-21-638U&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
827f2c3dd8840200-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
tap.php
pixel.rubiconproject.com/ Frame B13B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=3f3b5356-533f-4497-a176-93f407a9c77d&gdpr=0
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=3f3b5356-533f-4497-a176-93f407a9c77d&gdpr=0
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=3f3b5356-533f-4497-a176-93f407a9c77d&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
518036
content-length
0
expires
Sat, 18 Nov 2023 00:00:00 GMT
cookiesync
bttrack.com/pixel/ Frame B13B 		35 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
68.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
Track001-iad
pragma
no-cache
date
Sat, 18 Nov 2023 09:25:35 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
tap.php
pixel.rubiconproject.com/ Frame B13B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3216836833839915637
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3216836833839915637
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3216836833839915637
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame B13B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ICU9rQacXFJ_CB5fi3yQN1LFoQQ
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ICU9rQacXFJ_CB5fi3yQN1LFoQQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=ICU9rQacXFJ_CB5fi3yQN1LFoQQ
Date
Sat, 18 Nov 2023 09:26:36 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Rubicon
s.seedtag.com/cs/cookiesync/ Frame B13B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LP3UH1V1-21-638U&gdpr=0
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B13B
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7815611394653132251&expires=30&gdpr=0
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7815611394653132251&expires=30&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
an-x-request-uuid
5ac8bccd-d9a8-4969-882d-49dcfc5d7f0a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7815611394653132251&expires=30&gdpr=0
x-proxy-origin
82.197.161.4; 82.197.161.4; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B13B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7427790401613152250&expires=60&gdpr=0&gdpr_consent=
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7427790401613152250&expires=60&gdpr=0&gdpr_consent=
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7427790401613152250&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame B13B
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7009964682
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7009964682
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
etag
RX906d15be19724e9dbd7d18ae1ca45bb1003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7009964682
cache-control
no-store, no-cache, must-revalidate
expires
0
709414.gif
id.rlcdn.com/ Frame B13B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
redirect
exchange.mediavine.com/usersync/ Frame B13B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404&gdpr=0
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LP3UH1V1-21-638U&gdpr=0
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
3.73.198.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-198-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
143
match.deepintent.com/usersync/ Frame B13B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/143?gdpr=0
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:35 GMT
content-length
0
server
a
tap.php
pixel.rubiconproject.com/ Frame B13B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=649816e3-acbd-454b-bc2b-add3b219c3f3-6558834c-4348&expires=360&gdpr=0&gdpr_consent=
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=649816e3-acbd-454b-bc2b-add3b219c3f3-6558834c-4348&expires=360&gdpr=0&gdpr_consent=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:35 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=649816e3-acbd-454b-bc2b-add3b219c3f3-6558834c-4348&expires=360&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie-sync
sync.outbrain.com/ Frame B13B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LP3UH1V1-21-638U&obUid=&initiator=&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LP3UH1V1-21-638U&obUid=&initiator=&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
64.202.112.223 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:36 GMT
Cache-Control
no-cache
X-TraceId
a461a4098ac2d0044dc4c44151fd61fb
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LP3UH1V1-21-638U&obUid=&initiator=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 05D4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
58618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:09:38 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame F7F0 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
3420
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:29:35 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
dca2f4c7-a1f0-26c6-8170-714b7b98f7ec
/
kinesis.us-east-1.amazonaws.com/ Frame 6391 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
6f5f67c7b2bc45acd339ab8a39009ee0e49f7914b90177b6561fb491277ac11e

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=29bd5aab99ec583a03f43620e9b143584e9812efa42bc234fe498fcea5f21cc5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
eabb7a85e11becdca6984aeb426317a6d71dcc2cf4689fff176fa8f9bc370cb3
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092635Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
dc3ade2f-9a2f-e57a-81e8-5ba340473450
Content-Length
133
x-amz-id-2
RFedL4FtQs504POCjqqyn/DS5y0CrpH+ZfY04lzrkoBWBgJRE9dnqPpMRYBTBYQGqB7oO+5eqfBQVk2q2MT02kOW2fU37Itw
Content-Type
application/x-amz-json-1.1
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6391 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6391 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFYTSiosNsy7siVOEkUkA8gdtZIU4BYTIRlTnH9CYGT1Xlhxoi5QTSR1e9tI26juY6PsjdttflIBAxvQauHrqznGukj7pqF3jcyrgi4vbNop8QT9Fg9fAUSoYbEZUY59dJVpndD3prrSb6Cx8Ip-JdnNcnA8dFZD7I2GUkn1UWvESN8aFvDvW6dRLD04ieGPf_IOgKPI1354HJUdZvwAufxKoNtg7MgCEhc85oC5tGu1Ha3rR5z3SeQg81qaMmA-lBMqb3q5CJDw1fpxrEQvCkwu-pja_ibGNU8ktljp88QxuQ-UcAsr2Aymhr3UGbI8ZTozA5AhR6G1e0HwwfEDQFN9iHswZmqdUHRqvDkiGSS9uewvu96meixVmT7RqpV5uf89Eh9Iv2_zU5lCSCgMMnHrVapfWdlsL0Tp2x1llfStTS3mKKY77u1FR9MDLxf0WIOVvT130ox_U5YKCaQUbYtDchVGPKSJsjYw4YHQDiNPoqcM5FJtNF36-AZT4TxOOvfUqU6gJdHEKigUxR48uzmJ76ZjqyKMWc1Me4ADdpn4CP9R75nG2EE-fehuPg9MJRE_xYOwwi8kPKs1Axo1r1RtOvDPh3BkGpuBov_ZVcCiICMz54Dclaf2XMBk_xpkyOWuGuHbKtx5hfZcJdp2vykG6_NArNh-v53fWK-7JUgJxsxZf9pv7d9-pbyBLLBESi1aAbwpczZ2L_97B8824TiSglqnY1HQdLCGa4iFgeQOhIn5cKP1TGP8avovQYgM300BbwwhFI5QP2ZVP0LQhlzmN9Uc-UWL1zWcf_uwfOt9XEXdS0g_ocDK3r61eYr5jsXujFmPDIhFyRZdE7pmhMAdiOi4Bpm5OHF7JyureResxP8i23VDNsncsmQwtTnq0aS3UvXAqmlJk929MZPHKCq1cBtb9O9xigRrRjZpyxu2Phlo_dWMBBqMEO89VxYZvRgAfSL3Qg77jgb-VsXR_GYcZ-wR4z-0TRwt6rJ3bIN3H0aIQ_Q-NveGdRqSNqCgg4hgrCPYfkB91hxDZjWsM9acsf4WCiTnlxpZ_qZhsg66PBogxM69NJee3bB9trNI6Q6tBiMK6D8uleu7w1LJVzmB8q9zlzhhMra8hET2ph-xXFGxI3cevKTDeOY2EX_geqK2iVtueQFFhVj0f8HAznvHDdH7kCG2rXUsCbO63Jl96fwD7wsGDcyHTmKOjCFlzX2gEMwpcyol5au5fPqfBURFDQzEIZIf8rhGLbvMM4dB9uBbX9FqBXZPMdd1Pd4PBgifWVl1RnX60M5ARt9TarLT2OSD1xwyxzIvppfDeF9XAdHJc0jlruWYppgrnE073VkVeFSkXH-uR27rhSYBHh6KFUYtmRn_vNdwhiB5-RB-0LPSkF2UXNZku7rwDVD20zjRPzItcXcXjb168J4-m0Ahlc-I34iWbIu957sUxCpLH5zrYaeA&sai=AMfl-YQ6XFcfq0op5vWZTfSNxT-RUfRCwgTrWY3yKYqoZxUi6QtS80Xnu5JRC3NJsSoGlCgTusgQBoi00uvKU-DJHIYGap5zW7oHue-SOvEq1cQHTgr52STWXWj7J3KKQq1w5ANcJeTdJwljVHPwqyPDWzyNw6Ezmhgq2EZV0yxD06kleCbCoB4ITgNn1uNzP7-PO9c-p7kmBuCMySVBUpiJqQBQ9p6h6YT3BiGe_S0DE6v0iW0Q5ajl6-PEfuP10JO1Vn4hLbo6xvzyoyz-0GdC6g&sig=Cg0ArKJSzKIBz_1Bl5EiEAE&uach_m=[UACH]&pr=67:0.136704&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1875&vt=11&dtpt=730&dett=3&cstd=1875&cisv=r20231109.14262&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html
s0.2mdn.net/sadbundle/18180890864186818560/ Frame 5DA7 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18180890864186818560/CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
18ae936e604734bfd85ff6326793899e161dcbcc0d77a2965f8c0987d3a92276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
133860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 20:15:36 GMT
expires
Fri, 15 Nov 2024 20:15:36 GMT
last-modified
Mon, 16 Oct 2023 12:02:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 6391 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNuVPRINYZZi7EZuX-gbGpoDIAYf0kpBc6Oum6fUEwI23ARABIABg9YXKgdwEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBIwCT9Bnq6d-tfzAYjh-QUHHh27lrvu0WshueEVVDGnll93UqPy86EdXU8Cz6N5q9wU7LOlzHPMUUXDFHrrJSCikSHKf_SJQ-PmElqOzvw8BRSstjVWiv3mBY0FlArFVObXE3ji7GU4oNuZPpcABZ5zx6nAe7Tb6YfE23zWfr-Y6xipiQl5oKACD79AedpAnyjPDltlWJFlP7M2Xu0aFSSwV2oP_rSSqyuoOGuWJUV4loPaMTg4TcuXhuAYa0YhYIjw4l42ChEh_gE_xsyX6qAG5CVBiEakuocbUit2klj_nLmJD16avm5WO3gTyvzUyqzW36EgQIoSag5i5mJKz2LZ1Dpy70zOxD-DnRUypUeAEAYAGwoSuydaxqJVpoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCN7b4cedzYIDFZuL3godRhMAGdAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=xl0DbQsP1Dk&uach_m=[UACH]&cid=CAQSPADICaaNrmcrsRNPpFfivlJj8AXYe5qvR5KUrTxXfSvN6d4pUO3Kz76ryySyJaJ95ZhpVEQ_fJyxVji63xgB&tpd=AGWhJmuPf9gK9UnQQGj9uWZZfzWZszQG69syG94tRPTQ984Lx9DQD0Ic8Q74G3CgieDU0c4q86vGi2Mw6Xa23lrkmWjsdsPCir7dXUA6Mzwq44TWXRspucnkZnOat9IvNBubCkKA8Rl790s_Hu417klX_A_EiFqZO9WQ1Io-TBgYEGRdujLJmV-JTEzJQ0ZDzojYLcBhjpN7w3nNg4jw0vzg-EKIqrwmts10bOpDYXZudSB9dMKhyvD-1XWsEGJ30hJOOp8H94pm1JC27X1FkDscBxLkV1_0MbshCm14ZrLj23JITM-6yTTvKd9I6C7_oZ8eVGyg7RkqJxjMPMEMOUQchLTXuYakism9Oziv_E6VkXOkiPBSxeRR9pRCaKwdtW7X0eRzigM2AwEXpEJxNZKFQVD57WINheyOMi0ft8NQVUMU12TyB5sdnqK0VV4jNhOtcW9OW1pjHnkCEEpzKr0fCtbBA1zYgG7IQlFiiyDQO6Vd1H6_g4rYVtdvGtvtUZXu56QC1L7QoWrYGHUg-aSrs_5sLeDYKDgOj3pomoy3Df-4W2FkUhvYpIIpKECUgBtbIEUGcCw9ZamzYNpB6_ZNlJMhrJ1WCMZwBljtrm5ZBB4XSti85ostScygb7dzAfz9MP-S0qCOMDG4xncypHSh06_iW_xq7UNVTOCRT7zIby0gqIhJU2Ei7BLnruTSWGdE59rx3AZ8_9lBNLusR2IhoQnKjV323JvobmKLPhphpeEo5PB24jdfdJLRwdR9Bu9ZDbd6mu3_2Wll0KpnU5G3FFwxy8ZO&cbvp=2&vis=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
ce03ca40-6731-9cd7-93d1-4fcc170f8c5d
/
kinesis.us-east-1.amazonaws.com/ Frame 6063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
3aba039046e512852b23c8803ecbd8a1655f73e9b59dee90cc290efe8d96db3c

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e14e990609034bdea0fd82115775cd7e86a07eb1f566a230af39c3429aa6bc70
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
046bf596b09631ea2e980c564fb7ca385a822610bb5436678e45d158cb80f353
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092636Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
c7e8d879-e453-c0a5-9a3a-5df5946dd02f
Content-Length
133
x-amz-id-2
zAKA5pLbz+9HYM1lkmioveQDrRiyNYBQr1zY4PJqyla8STCsialkIPQtLdppAr6wWLOsUk7chynTfvc8nH+ESGUf7YQUsr3f
Content-Type
application/x-amz-json-1.1
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 4397 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
58618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:09:38 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame C9B3 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
3421
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:29:35 GMT
ztpv.php
www.conrad.ch/ Frame D772
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=20504700034430604438266012512005&pv=1
  • https://www.conrad.ch/ztpv.php?awc=11467_414915_1700299596_920ddac0-85f4-11ee-819e-22341370d01f&insert=AW&gdpr=&gdpr_consent=
0
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.conrad.ch/ztpv.php?awc=11467_414915_1700299596_920ddac0-85f4-11ee-819e-22341370d01f&insert=AW&gdpr=&gdpr_consent=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.187.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
cf-ccp-worker
HTLPHandler-v1
cf-ray
827f2c4068ad0221-ZRH
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 09:26:36 GMT
expires
-1
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding

Redirect headers

Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:36 GMT
Location
https://www.conrad.ch/ztpv.php?awc=11467_414915_1700299596_920ddac0-85f4-11ee-819e-22341370d01f&insert=AW&gdpr=&gdpr_consent=
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
cshow.php
www.awin1.com/ Frame AF6C 		43 B
702 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2476255&v=15168&q=372492&r=414915&pref1=20504700034430604438266012512005&pv=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 18 Nov 2023 09:26:36 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
request_content.php
hal90005.redintelligence.net/ Frame D130 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request_content.php?s=20504700034430604438266012512005&a=63a9d708
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
11d4664d0d48c3423c1eceb34ae5195d8edd83095ecaae3473aad0be154affac

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2170
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Nov 2023 09:26:36 GMT
Expires
Sat, 18 Nov 2023 09:26:36 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
impression.php
t23.intelliad.de/ Frame C48E 		43 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1700299595&co=
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.138.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-138-165.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
Apache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type
image/gif
cache-control
no-store, no-cache, max-age=0, must-revalidate
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
caa57306-0d27-0dbc-9777-f68a18f1e2b7
/
kinesis.us-east-1.amazonaws.com/ Frame A740 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
8aa32b246bf265aa153692960b6f7825275d97c8bc33df4957c1020166c7582d

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=6e36a38caa61e6d585a7d21d4a74e656162626a7e02caa4970cbe29a4f8679c1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
991528081fbebc085cf90f3fde54107807df3a4837d8b4171cc8bb96b58eb7f8
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092636Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
fa763a04-83fb-fbaa-a7a4-bf88962d14a1
Content-Length
133
x-amz-id-2
AD4TVmvD8tqAvZ7DSQ2q9kfjne/ePWc9KI+FDYWXDPWKWvvmh6sFf0/9dUCA3I+vrz5/7hP+QDNzghbZQPnEPego3qcNIsUn
Content-Type
application/x-amz-json-1.1
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A740 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A740 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslu5f6gmpzKxogKWkGG3qjrQ9CDHEZTVZTHpBHuHpjCxFQN3NOwrIslQ8ZSPhss2elgFnpMlN8TRACBzXhw7lxTGNAqR7YkvpEVbwu1HARlx30L_ib-CM17fN7KXEOkhjqzlwOOHlWvX12cGNhfpu9GmdMAfBBLKcVC0bJCwh9aT6e-uh8tgoGPhRozxwLwjRRjfKGgvpCGVytuchBtmzTpdIfwBS6wMVa7oZ3k-hOCCk3LZ9c-e9_1sWfzTRVamviaJq7hvS8tK1SDdcSpd37MCEnokHvHZm-mQcr60dZT0iMkAC9R-FLTMiEGn39lOVjDZJ3eUBGfse1ixp3EhswLmL_hoz_6fxCmpGiy1Zqsax2bVwmZgE3LOB6sAMGbjzOzrzFzX2qxy-RPuIK_5t5u_oMa7RHrX9Y--28z5rst6_SCEHQVUHvrfCngnWu5MnnsLyRO1VDJX7VurfXKU32LRgb25wCGlOJyYPyHOL0ToHwhX91VKEZLdhUqfZnfpdWirovNWj6JsTG9XVaSlIJTSJVERgb3829wXxOud8X179kXQlwhQuVwDXxxgH5EcSFDOim-0piisDyYgHXnB5qVjo5_u99Gch4Mfs-ncKPf7jgUipx-Gvvbihbo9QR5IdnfR2FyU3ciaVsUmE9DscilSnb5yKSevl6xoyuj34ugVQ7f42BkRPQkZopjGGVUyolhBfkaDFNU6hN4gos-dOpCQB9HGbvU3FEip2Pq1SFjO3BEFE_P1vrNbONmFiUUxDV2H_ii_ve1TOjZrMLKXJmGFo9qEhVhJnFqLzaqtCosg6Aa5T-IZT9uZWf6YaVSHGROtXgte8c6Rl_i5fCfHV0dTg2rc-Yfyw6cxN9M59xESuOukTw8HN3LJyyjqjWXl6lG7-r5r7YIAWPrKH21zT4sJFdbpcWKw45QubCGKlM9XqDxDDhwixijS18uRkDGG36EqT9xy0JhD8aSuhMwBlkkUAtdO8fBRYIGAtwbVuK1aJJVfE5TrJh6RSXoD0O6Xsp1yUeJNUG1F5E43nfE6ILo9bfvmV3HpUHOpWkC6YIXSW2n6jV1XZI2LA-gazwIDAyWDgr5sdSlQbwQQh4_cFwMJDoEHgLJxmQjky1HrqgTQPUqNp0xcUVAT9IwoxuA-MXg6YaJzzjk0aPs1qrdZWH-oCO33ok9BYxr2RFO09txuoSVGgV501KsDrhOnln6vJq_Tz5iDI4MPxmTombWiUkj_vMcGvHQgyJmHNur8HZ7byyjrNzkrVqBTuC095x9Tczv2ROE_X7LCdKclk1He6eYjGJ5fucbSmx_yp0-Kkt59xGHF_d_zcfFKuHRvdaBqWbvRPjEkFed264ivrgDSCk7kVVBzHt7xmmL1O09k9suPtHE0IcFl-xhbQYQyik51JPM0hcdpTS9CJ_DrSmM1mPQuazidOSVpzP0PzH_t-rofDR&sai=AMfl-YRoedleX4Nf-H3hB1-krbXffP8XV-IQtlrD4WTayfH654iadM3WX0UCZGavWXeqMEj4K8aeLAH2JiBwCnsBtHV0hsucux30n4eF9nNYUvXR6lZZrmmnd7EBUrBph4-LiSCBVV8OMDut9409nsaA-ILnHqcmde3cBPQDB_89wi2Lak8PmiCpep_FpcQPUR10eHRmQahmv0dmle0cFjrWkCRWip788cKJn2CIgLpgZ1oOSmjZ3W3XXNz7DDtH3I3U5f2JwES2sl2CXz_QH4WZqw&sig=Cg0ArKJSzA_tQp3ruKe7EAE&uach_m=[UACH]&pr=8:489F9114CF8ACACE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2057&vt=11&dtpt=1186&dett=3&cstd=2057&cisv=r20231109.35219&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-EN_CFD_Price-1-Singapore-728x90-638326037557461764-6116462f-2685-4f3a-a48c-89017f79f1b9.html
s0.2mdn.net/sadbundle/17177723152520708096/ Frame F02C 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17177723152520708096/CH-EN_CFD_Price-1-Singapore-728x90-638326037557461764-6116462f-2685-4f3a-a48c-89017f79f1b9.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
416d585830fab35b1a584df727b30e059cf56efee8bc0d95f90e40f9859209e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
965
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:10:31 GMT
expires
Sun, 17 Nov 2024 09:10:31 GMT
last-modified
Wed, 11 Oct 2023 06:49:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame A740 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cb4aARINYZZvNEMbw7gPfnJq4DIf0kpBc6Oum6fUEwI23ARABIABg9YXKgdwEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBIwCT9CIz15vBxJiIrxZNLcsFIhNs_2kRkX1ZCmtd8ddEVVmMI2wv89wmQ6tQcxxuvfhBIXbkqzdpaJwKMGn7fUDO5xH8rYN_zrF1XuJK2V72FGWu0BAF76CW912z2cMHgG-Dm2fDc5xX-vfi_SJekYS5uIZ8V10iMTv-KdpcxwlOUbKqykyayHeyXYv6ylKH_iSKs8j49EgGVQ74dSMpVo-jPE-Nv9nZ9Hva6AenIK8pn9L3OzsmSUGHOQoVmzxDkrj1bG70kQE2Ycz-mkEDdjX_qnkqvJ8vnJOB9yQmdGEf6ne-YzW_r0a6TF8BbbcObO7l0Do9LyWgtVpBRQSEMPDErWGCxWa7ngS08YbceAEAYAGqJ-T-tjF5IcKoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCMjq4MedzYIDFUa4ewodX44Gx9AVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=o_p5AqtdyNk&uach_m=[UACH]&cid=CAQSPADICaaNsUBPfW4vlBSDDy70VwX4SaQZS-ExrA5M9zD-GRd2hhFwT4Mlzrex5W--y7yCXVkxtvULVzyEQxgB&tpd=AGWhJmvzGKA7YeXjvcvimqPpPkCcpnt6NXWQT09bmeEtfewIBfbvEvVSYc-7XvnT27xoNSIr5UNzl9kCIgHjtaM3J_B5g0r7w4hLm79TIlbb4_rf0Uj6uIRuhHxnvDfEauYeUugKWUM0ljvz5k1WTjG7cUytCQrviy4AltbDcCZc7uk2nBRJp3x2DMLZMVSPjDsLc4peFHyawGA3ZAlroZmVjBP_bkFNSNKL-Jo3wn9w9QZIHrLzJ77ZAdHJxA4JE7za2lXRSv0_xl7LBPomwpVnf1xBcFvt8BsKEmoYlDbBEyMD8yczJynLnXzu4lp7Gcng-e2bb6170daolw8MnpOcUd9y7lzvfkcC8EsOCESsl9WMObFmtOz9bvXJerCJJHxxfqa_Ys4CWuaGBAtpwr0pZCcPjxKjkiRGKOw8ID1mSsJOCdrv7Ffku9F6WHTEg2tqwsO-rHneC4qWnIf_53HyPJ36pisscnROJ3EvIj5N5BKNxB5kciEpG5YWfC3DGZvxRYWRmr8-4xlqAeRyhF1JUMkx2KjZ4tGgBxhnYVlcgLzOKX_V6_syN_mMujhZc-ssE3ZBBhK3rCP-oHNOFYERgRK3bbJDwfgj83N50CWfTaU2KCWAwVcq_0pcTu2OYkq3SWRElJ_gKFnq15xKNLHQZPgXtnXlgO82Ozj2vmfUKQe5SGXRn_n9U9Pn530heizhLbswZ7Mh_05eAacmgXdGqDjBRfnZnx9a7wUSyThaB8Pp0EeOqU94rjP0AafZ3Ws&cbvp=2&vis=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame E400 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
58618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:09:38 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame DEB4 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
3421
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:29:35 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 6CDB 		55 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=ad3usnoadv8t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 00:50:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 00:50:05 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 6CDB 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=ad3usnoadv8t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 07:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192023
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 07:57:17 GMT
pixel
cm.g.doubleclick.net/ Frame 1606
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEF7-SG7CLoSet3-m9XqLLsU&google_cver=1&google_push=AXcoOmSE4kZgB9gjzTMnFkdAL8yP0vzdSy7-o4PtXy5UcMRahAOr1GcLhcZK_QbH9NDrHxRi_qfYYaWQz4J6Xac3rs6G8NgVOF5a3g
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VnZjV1ZHVnZCdHExdGZZVVRJTllaUQ%3D%3D&google_push=AXcoOmSE4kZgB9gjzTMnFkdAL8yP0vzdSy7-o4PtXy5UcMRahAOr1GcLhcZK_QbH9NDrHxRi_qfYYaWQz4J6X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VnZjV1ZHVnZCdHExdGZZVVRJTllaUQ%3D%3D&google_push=AXcoOmSE4kZgB9gjzTMnFkdAL8yP0vzdSy7-o4PtXy5UcMRahAOr1GcLhcZK_QbH9NDrHxRi_qfYYaWQz4J6Xac3rs6G8NgVOF5a3g
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Nov 2023 09:26:36 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VnZjV1ZHVnZCdHExdGZZVVRJTllaUQ%3D%3D&google_push=AXcoOmSE4kZgB9gjzTMnFkdAL8yP0vzdSy7-o4PtXy5UcMRahAOr1GcLhcZK_QbH9NDrHxRi_qfYYaWQz4J6Xac3rs6G8NgVOF5a3g
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
245
pixel
cm.g.doubleclick.net/ Frame 1606
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESELya3wUKRDOHpwj5TgaQwr8&google_cver=1&google_push=AXcoOmRQe1ubLh3sVfihN80QtyqektBeYENJVE2fbIv5Gb_bgUZ5rqks9vSOQo-kSOEeAiWqfBoWZIwFBGFCMZI2xOcSP3R3cVvv
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853692979260&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853692979260&us_privacy=1---
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853692979260&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1606
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENBEHDh0raE0Y77ecHs4djE&google_cver=1&google_push=AXcoOmSWSnze4yt5Q5rHE6wQr5WDnUywabJPsoJ41pwscWE9IHevTw0HIUVadYn-cGY8bR4iLmlrphD0jjCqcetokSI6eRO...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWSnze4yt5Q5rHE6wQr5WDnUywabJPsoJ41pwscWE9IHevTw0HIUVadYn-cGY8bR4iLmlrphD0jjCqcetokSI6eROTuu3s
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWSnze4yt5Q5rHE6wQr5WDnUywabJPsoJ41pwscWE9IHevTw0HIUVadYn-cGY8bR4iLmlrphD0jjCqcetokSI6eROTuu3s
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWSnze4yt5Q5rHE6wQr5WDnUywabJPsoJ41pwscWE9IHevTw0HIUVadYn-cGY8bR4iLmlrphD0jjCqcetokSI6eROTuu3s
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 1606
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMmFmAcRjOzs6nRuw_7GY58&google_cver=1&google_push=AXcoOmRMWN1nIwP-O8kSGWPsepnC0akcyYWl-pR0og07MXI8UA4uv2e73h0QCV2U2Yo7p01IuJIIenRdJ-CcyjzTGk7uVXRdeJZl1A
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRMWN1nIwP-O8kSGWPsepnC0akcyYWl-pR0og07MXI8UA4uv2e73h0QCV2U2Yo7p01IuJIIenRdJ-CcyjzTGk7uVXRdeJZl1A&google_hm=lPpImljajrWp3gsfov-k0g==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRMWN1nIwP-O8kSGWPsepnC0akcyYWl-pR0og07MXI8UA4uv2e73h0QCV2U2Yo7p01IuJIIenRdJ-CcyjzTGk7uVXRdeJZl1A&google_hm=lPpImljajrWp3gsfov-k0g==
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRMWN1nIwP-O8kSGWPsepnC0akcyYWl-pR0og07MXI8UA4uv2e73h0QCV2U2Yo7p01IuJIIenRdJ-CcyjzTGk7uVXRdeJZl1A&google_hm=lPpImljajrWp3gsfov-k0g==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
pixel
cm.g.doubleclick.net/ Frame 1606
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEG_8mc7NE70EZzRUaAlM1NM&google_cver=1&google_push=AXcoOmT4MojQ3KqlWH_j13AQjXG2D_mq-64zG9UehrZoTJ_wToeUQF7-f31njGTDpUyXLsCPd0IV7gejcTb2yGnWHMbAgj...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmT4MojQ3KqlWH_j13AQjXG2D_mq-64zG9UehrZoTJ_wToeUQF7-f31njGTDpUyXLsCPd0IV7gejcTb2yGn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmT4MojQ3KqlWH_j13AQjXG2D_mq-64zG9UehrZoTJ_wToeUQF7-f31njGTDpUyXLsCPd0IV7gejcTb2yGnWHMbAgjbCthtacQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=fjD_WiwsRh2btLD0-cTDdA&google_push=AXcoOmT4MojQ3KqlWH_j13AQjXG2D_mq-64zG9UehrZoTJ_wToeUQF7-f31njGTDpUyXLsCPd0IV7gejcTb2yGnWHMbAgjbCthtacQ
access-control-allow-origin
*
date
Sat, 18 Nov 2023 09:26:36 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 1606
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.targeting.unrulymedia.com/csync/RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTM3lyIS6-7is8TnHHpP...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTM3lyIS6-7is8TnHHpPS0VyB_wiYDaUPvVc4UFtp35JDerPcfDcz4kLwf1FRlAwfxbZFvt66B7d9JCn2eS6VwwgLCNA7ZhLg&google_hm=A5BtFb4Zck6dvX0YrhykW7E
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTM3lyIS6-7is8TnHHpPS0VyB_wiYDaUPvVc4UFtp35JDerPcfDcz4kLwf1FRlAwfxbZFvt66B7d9JCn2eS6VwwgLCNA7ZhLg&google_hm=A5BtFb4Zck6dvX0YrhykW7E
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTM3lyIS6-7is8TnHHpPS0VyB_wiYDaUPvVc4UFtp35JDerPcfDcz4kLwf1FRlAwfxbZFvt66B7d9JCn2eS6VwwgLCNA7ZhLg&google_hm=A5BtFb4Zck6dvX0YrhykW7E
date
Sat, 18 Nov 2023 09:26:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX906d15be19724e9dbd7d18ae1ca45bb1003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 1606
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEL5bxwZR1MM8z6wMVarYh3A&google_cver=1&google_push=AXcoOmQYTOlQ-jbvB...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzgxNTYxMTM5NDY1MzEzMjI1MQ%3D%3D&google_gid=CAESEL5bxwZR1MM8z6wMVarYh3A&google_cver=1&google_push=AXcoOmQYTOlQ-jbvB0maSQmkmZcqQV97Si...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzgxNTYxMTM5NDY1MzEzMjI1MQ%3D%3D&google_gid=CAESEL5bxwZR1MM8z6wMVarYh3A&google_cver=1&google_push=AXcoOmQYTOlQ-jbvB0maSQmkmZcqQV97SiFBp73mY2sHANA_NSUnSDEkIx3nc7MmPg3Uu2Hnbom08A3TtxwkiP4ulBTr3smucJAH_g
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
an-x-request-uuid
50719e8d-a201-453d-85ab-0e1ff0381ff2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzgxNTYxMTM5NDY1MzEzMjI1MQ%3D%3D&google_gid=CAESEL5bxwZR1MM8z6wMVarYh3A&google_cver=1&google_push=AXcoOmQYTOlQ-jbvB0maSQmkmZcqQV97SiFBp73mY2sHANA_NSUnSDEkIx3nc7MmPg3Uu2Hnbom08A3TtxwkiP4ulBTr3smucJAH_g
x-proxy-origin
82.197.161.4; 82.197.161.4; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1606 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYBZ0pm5PQxVpUS9tMUUrCy9bedfFkw3sWXUdhKH19j4ZYldskJrnKpPLAiwKbLWQVnMCLCw
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
13004046.js
s1.adform.net/Banners/Elements/Files/2135726/13004046/ Frame 408C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2135726/13004046/13004046.js?ADFassetID=13004046&bv=257
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b20bc5329149e6637212eaf6266a9c94caf7656ba8cb4c95578fa6b11b43f9ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2023 14:48:52 GMT
server
nginx
x-amz-request-id
tx000009ca6907604149055-00654f1947-3295f919-default
etag
W/"89cd79f2fe79c8114d5504d943c51189"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
c3cf3272-82a7-f2f2-9e1d-b7fe58cf23d8
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
671420dc598786680012065f82e83d76374f22ae2dda80a2747726a4d623db81

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a7d0c69d92ab5f0139e3d6d6b59f1eb3236d26bc0edfdc22be97c41625c7b062
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
b98e62ecee68fc6eb16a38653f0a15c66f9b0f6210c3896b891074b071a7751b
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092636Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
c4b9d4ed-e323-4ff3-996b-5161394b9ed9
Content-Length
133
x-amz-id-2
QVjCNtLFWEutlq89SguvOVjKp1oA2SvGv3Nz/hRdkcn6k4/5dClwFTPR7iDAtq3p2yO0ueHEHHq5WWNGIQKvHffteoUmDKXg
Content-Type
application/x-amz-json-1.1
ev
ads.yieldmo.com/v000/t_tkr/ Frame AFD5 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/v000/t_tkr/ev?type=mrcv&imp=6421225417988955068&plid=2521236318193655889&pvid=3409479185010479232&fmtid=90&offsetX=0&offsetY=0&pvt=1700299591383&stime=1700299596315&etime=1700299596315&viewportHeight=600&viewportWidth=300&adSlotLeft=0%2C0&adSlotRight=600%2C300
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
access-control-allow-credentials
true
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
GET
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7E2E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
153711
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 14:44:45 GMT
expires
Fri, 15 Nov 2024 14:44:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AFD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmQ1lFx2dQNrxqJQAsWrMxXTD-gH38ITxf9y6l4kfSI-k810nyy_HeZHFGWALX2zEU4U95049mTagMx1S7KzqUuGPyYImwu76hXL_C4eXRKl1xcFphvPjTH-KpNzoZVQPa0PoU3Wbj9kwLXMY--NmFpFXXIEpMd5w2FS9-WDhnWyJfMAAw9WhSts2ETQJ0yx5pn4UFPfvQ6gWbMa1uEEsUYzznpYYDSydTBwUs8ow1abIIPhFEo5-u49uNJDU4bCJxhc9laZdufW_rEa5M9m7VVDLnNhaGyplrAUzQsPNDG__pcM_fGSBwGo-jtWtZGgAuni04rryqYNt2-VXgMyEX_wcrt7N1-Z-1ssMvodtPnnwBQ3003MzYLmvy2YPm04v8lX8dNy2MkdxJqdzEnkEio2jK7AsrhOV3x3pwVHTLQDVxY7EC3ptMF41HzCY0cgnhXkZ_IYzxGKC6-7vHkkU4aUAlvP8EJfC7ScNjxGPNDXd5Cwj3mqyxXKVzBLwF80pF84bK4PB5Hu19SCSvETqPAp0pjMXMi6r3-D2vvXda4Su7ssTBzMKMkCj9JO_eyCqUDil5O3RJEO92yA0Rqy9QjPRsniOmq5kyCikp0zp5d68Vlq5BI3OL5f3c-4i4AXIFEhkkBcyUXGxpKsOLXVlplOQbG7ZzRMu9avAeIr5ltMCn0xbeJFBs7tEI8fcj1hkC9LqFeMGzZmmqtFakxMGfl552nTWQ3RJ-5EcMDbBVbYjNAmlHP8xaPUmgZSwBwkyB-VH2_vr3v_tr1mLEB3sC1RtrSfV1VMX-7XAKH13NQmnp1zbnCnUQS8YE_ODc0t0oDe2-xDSHsKRi4B3LnGm-okknGdI4LyYHBt0ebMT4D92msQ7H0SaREOGuz3gqoYaFF11i3LlI5yKKUzSySyraVHGd07gwumOS_y8_qYZBqAAX9seM51cO5AhyzvpzeDI7SbUM8ebJVMvRYSyLywNYxGsl6HMasvHLtESLwZa3RXq9ORCKDJkIvgIv38-ve-Nwfgp-Zaj0xfhgd71xP_-R82zN2zOoAwTuDXa2fwcBOoqw850V5wIBrQ8SjspRziVMmTr8ZnR-4o-95vtVC5lrtm-IgkIhQwGns53SJERkVO32W_FLI77aTuqL6vV8n0VGadMOhytkvESbJCD40qNeGpzUU5ItpEq6SQ970ebOvuSF3BygB18GlQxixH2_A2ODKMF1iyBvcuai75ndOUkep7A-r6TAbJbcq78YgfzUkMi-jlvAonja_7ODY4WKtJ7C-etPEf-_BFJoTAWf8EOWQEEdjBcFnbd8rGBwgaRXaUuLmcDPm12s1auU3N-0N8ud94_x8x4jOroZxvaGBCwTXGMTH6tN3yhAeuhvNyypIVJDMCYEh8u3OyfnZVxEe0Fsb6EiQAGfBfpwM-vI_YyCdXF0Nqu9ExBov7f5HKmuy5XQDBhU&sai=AMfl-YRKuLiMacVM5r-v7JoPxyyIkxijSrBsFjEiQAatysZbuSz8jLK0SR4BPADxXa27ubVrfxM5EPaRDAEWobFThSjfR0V02zF_cGREczghciHl8JJb9k974qzLy_wx2f1a5cZpAL8L7tCTtkKy8fg2mrt4uae9diiBVG4IXPRyAFKg9WZyLKckD8VsjeAIbbj9ocP6TFE1s7syWJzMwAw3q1Hu7osx4WvrDFbeGkyGr1croVKYTe1Ud5dDE9twGCnvVDe5UtxF8tLvsjodndJroQ&sig=Cg0ArKJSzNRLywz3Et3iEAE&uach_m=[UACH]&pr=8:414555A0233F1638&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1113&cbvp=1&cisv=r20231109.72634&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 18 Nov 2023 09:26:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
10629540410154418784
s0.2mdn.net/simgad/ Frame AFD5 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10629540410154418784
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
bf5987ccde0ba234cfbce4da9283d2b94372a2e1cc2d8dbb72405da644298680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:29:18 GMT
x-content-type-options
nosniff
age
14238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27208
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 14:20:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Nov 2024 05:29:18 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame B2FC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
58618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:09:38 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 6391 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
3421
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:29:35 GMT
sync
visitor.omnitagjs.com/visitor/ Frame C981
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LP3UH1V1-21-638U&name=RUBICON&gdpr=0
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LP3UH1V1-21-638U&name=RUBICON&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
34.255.45.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-45-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LP3UH1V1-21-638U&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
cs
cs.yellowblue.io/ Frame C981
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr=0
  • https://cs.yellowblue.io/cs?aid=11590&id=LP3UH1V1-21-638U&gdpr=0
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
54.228.90.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-90-72.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
tap.php
pixel.rubiconproject.com/ Frame C981
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&gdpr=0
  • https://sync.1rx.io/usersync/rubicon/LP3UH1V1-21-638U?gdpr=0
  • https://sync.targeting.unrulymedia.com/csync/RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-906d15be-1972-4e...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003&expires=30
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003&expires=30
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003&expires=30
date
Sat, 18 Nov 2023 09:26:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX906d15be19724e9dbd7d18ae1ca45bb1003
content-type
text/html
/
ssc-cms.33across.com/ps/ Frame C981
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LP3UH1V1-21-638U&gdpr=0
0
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=1&xu=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP008 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-33x-status
2020008
date
Sat, 18 Nov 2023 09:26:36 GMT
server
33XP008

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssc-cms.33across.com/ps/?xi=1&xu=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
setuid
s2s.t13.io/ Frame C981
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13&gdpr=0
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
86 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
cs
cs.minutemedia-prebid.com/ Frame C981
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LP3UH1V1-21-638U&gdpr=0
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
54.171.40.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-40-33.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
tap.php
pixel.rubiconproject.com/ Frame C981
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&_test=ZViDTAAAhugB2ABU
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZViDTAAAhugB2ABU&gdpr=0&_test=ZViDTAAAhugB2ABU
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZViDTAAAhugB2ABU&gdpr=0&_test=ZViDTAAAhugB2ABU
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-vie6325-VIE
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700299597.738738,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZViDTAAAhugB2ABU&gdpr=0&_test=ZViDTAAAhugB2ABU
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
bridge
cm.adgrx.com/ Frame C981 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-7
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
tap.php
pixel.rubiconproject.com/ Frame C981
Redirect Chain
  • https://um.simpli.fi/rb_match?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8C18D828AD01465CA9B4276E35A499E0&expires=365
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8C18D828AD01465CA9B4276E35A499E0&expires=365
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 18 Nov 2023 09:26:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8C18D828AD01465CA9B4276E35A499E0&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 17 Nov 2023 09:26:36 GMT
tap.php
pixel.rubiconproject.com/ Frame C981
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=0
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=dSSKWIkYCeudzV--4R-hWoXsnMZhMiGdLdsvN9R-tmQ&gdpr=0
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=79f2dbbd7f0a18d4&is_secure=true&networkId=12783&version=1&nuid=dSSKWIkYCeudzV--4R-hWoXsnMZhMiGdLdsvN9R-tmQ&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAI0iF8EVhIZAMs4tP5AAAAAAA&expiration=1700385996&nuid=dSSKWIkYCeudzV--4R-hWoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true&gdpr=0
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAI0iF8EVhIZAMs4tP5AAAAAAA&expiration=1700385996&nuid=dSSKWIkYCeudzV--4R-hWoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAI0iF8EVhIZAMs4tP5AAAAAAA&expiration=1700385996&nuid=dSSKWIkYCeudzV--4R-hWoXsnMZhMiGdLdsvN9R-tmQ&is_secure=true&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rubicon
tr.blismedia.com/v1/api/sync/ Frame C981 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/rubicon?gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
usr.undertone.com/userPixel/ Frame C981
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&gdpr=0
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
18.66.97.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-81.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
content-length
0
x-amz-cf-id
GTaF5n5UEtoioj8kwEThcqyGD5LtWGmTxRh0b-3HxM6-dKaEXxeOFg==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
tap.php
pixel.rubiconproject.com/ Frame C981
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=FJM5RlkxxPgD&ev=1&pid=560687&gdpr=0
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=FJM5RlkxxPgD&ev=1&pid=560687&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=FJM5RlkxxPgD&ev=1&pid=560687&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-bhg7b
expires
-1
sync
ads.yieldmo.com/ Frame C981
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo&gdpr=0
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LP3UH1V1-21-638U&gdpr=0
43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame C981
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LP3UH1V1-21-638U&gdpr=0
43 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Server
89.149.192.74 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
cookiesyncendpoint
sync.aniview.com/ Frame C981
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184&gdpr=0
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LP3UH1V1-21-638U&gdpr=0
0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LP3UH1V1-21-638U&gdpr=0
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LP3UH1V1-21-638U&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 6063 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
3421
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:29:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F0DA 		1 KB
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
42583
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Sat, 18 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C48E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b8e43e8a8b2029c0398f8d807eb7f41a8a0130e801ab47ab44247d828f795e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame A49F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
58618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:09:38 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame A740 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
3421
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:29:35 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame F44B
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800

Redirect headers

location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date
Sat, 18 Nov 2023 09:26:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
css
fonts.googleapis.com/ Frame D130 		2 KB
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=20504700034430604438266012512005&a=63a9d708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 09:26:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Nov 2023 09:26:36 GMT
Conrad_Logo_120x60.png
ct.conrad.ch/content-chb2c/affiliate/banner/logo1/ Frame D130
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246412&v=11467&q=346432&r=414915&pref1=20504700034430604438266012512005&pv=0
  • https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
1012 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=20504700034430604438266012512005&a=63a9d708
Protocol
H2
Server
104.19.241.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76621d3b2561de39d3266e42c194d7e0265989a375a2e234be586fa227573e8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
via
1.1 google
cf-cache-status
HIT
strict-transport-security
max-age=15552000
age
5874
cf-polished
origFmt=png, origSize=2194
content-disposition
inline; filename="Conrad_Logo_120x60.webp"
content-length
1012
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 15:01:05 GMT
server
cloudflare
etag
"892-5f4094ce178c6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
827f2c420ab80488-CDG
expires
Sat, 18 Nov 2023 13:26:37 GMT

Redirect headers

Date
Sat, 18 Nov 2023 09:26:36 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://ct.conrad.ch/content-chb2c/affiliate/banner/logo1/Conrad_Logo_120x60.png
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
/
hal9000.redintelligence.net/scale/ Frame D130 		25 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/11287/creativesup/NativeAd_Fruehling_1200x627.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=20504700034430604438266012512005&a=63a9d708
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
686e328bb99a6f1cb897023e1cf2bb20907efc895069fe086005a84fb80fe1c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
24889
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame D130 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=20504700034430604438266012512005&a=63a9d708
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4dfa6580a31cb84d795125a78177f0d300e99eb3fecd99eabc47a354b651e653

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10145
Vary
Accept-Encoding
Content-Type
image/png
652d26b6843eb9eeda76728d
c.bannerflow.net/a/ Frame F0B8 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/652d26b6843eb9eeda76728d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssZ-UFH0pfFNAsY-ikl_lPYXIVNJ5iNo_hIkmS0m3Uc_7axWjw-RCv3WHVlq-i3P_gNDwFXWbpVtWf8rudvWSOBViCJeM48teykOwy-3XtI7PvBBZ5IMTgmOwSSZeKVqcReDW-a2mv5I3wuVf_pyRgXaYEkEH6ZR_2NwTicakh5lLz_o0HX98bzxJTWQI7H1GwfcXZjskG1teoExmySMWkY6jnbRowGQZPqrI8CbtF8RT0YItDtEkp989gbZYkHhFLzuuD7_OfQUEDJRIHmsSVmUBDwRr-K1pq-umLRWjg0TaMMtrID98UkxfoVjfYUNLJysgpkPbtsGckHsJaZsew4YrawbwLavZfQmKRhgifKBy4rFVNQFNY0s8hq9BhiiPR2HEDs2rJSvSAYtbjYU8WuDLKSDi6K_uhMCTW9EX2e4M5shG129ZJ-ljAL8d0Rp1kuwNr0mkt7JCo8SD44ZfeFZNm-BawJ6wRYpyOk0yPqxccWTX9pMK60fuCGAhl_ZWo4fY6miyLeQh4B6uxaTd_bR0ytLysCih6rupjr3sHAHIR6FdWAxXO8W6QrABdNE10LvgNybYH3okct7idVwNwK64LvSLfaFw55xEMhNzjqEjgGA61tvLdfQ-33to9ua4knN1U2w-sck_wrVdUiRDb4AoSO40hQqxn6Pv4htwDdVylPpVapUin6PZLAhRQW1mIgm3fC0_D0SVLcs6XBt3ZuCQ7PkqRymeT8go6kNlCWW7EhHAffIYKirpAzriNo77YGxqyjBXNWGlP9SdJsW9QqtTnkzxhzmAw3-Bl2hwexYoZaMK3UQ4EP0dJckzTyfBsQvOR5kZiOYSDu-Dwj54ovETLFAoKCfcWEtaikyNX0zR21E_toBe8UI3ptLM2aF3wiRSwb4ukfzgV_Z7BUrtxU2XbCJvKbIXFijxcKRmkwWYgwHYi6Fq4BEWlZzkwAR55btkyHb78NmM-idgVs2Yv53n0a7Uj_fTkysPsjrVcyv1SN5U2vQ8UeEsO0elqABuio57r8hdfS5DibLgA-PnqAVDgeibzHk6K06uCGzC2vEQ0_8_veg2ljkVw1pOLgvziKgfamTJsKgnKFH-Rl0JtLyDYbtKN0bihVr4Uavp0E-h8LhKQyqtJvZfdMQIiWgR160oEZ-7TA0NNhxBwq0dxk0iCLNWdFZjoKrMdKHSLnCg3guUR8gYR_osd7q2GifK1e3V-yMNAE55NLcsSnyhUxQx-y7BCh61qNwwyq6VeYDjd4ntFanZRzDFeOX_XdqrHE5yy9BMuJIHtKScm031zUzvbi_drx_YxRKkTn9r4UNhNP581aS8AeYJHJ8ypA4a_GlzWkEjzBra0L5NylCVJCswLSTKae0cCO43gqwGC6oFKJv_Msv9Q42ssPuDbRqeNu89aW6pZT4bAjxzvyGj-kYR-XPZDrJZz8gPtWM2eMBsZBkMYtQI7CtCWAX03NB5HUWdCQnp2WP9Ud6t5YKQzjqm9A%26sai%3DAMfl-YTu_t8jc2IDS7vxwEo_DSWKfAW_SInzO6mxxwp8U0aa0BPyLJQk4DqsQL2W9Q8tZalsHswBMphdL3fHiMcFbG9AnvUIvophjtPViWGUEg3g9FWgZnt12Z8KgVjZGZ-ayiRhMUzase-sBFmxa1BZ08DeUAYLiUplNbwVbpmV75FHCPpmkg4YB4AWxF_KVBhFpjMbPS4VAUepyPDgcx90quAfMxxqYeHXVM0Bg5VUS_Zes7fcyqwWjm82_Acg2buYblA_G4N0fBzrPJ1q3G4OuaOINAk-n049%26sig%3DCg0ArKJSzJUTEQDyRaaeEAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403473053583933440/CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d545202ded079b782dd3003825ccaade849837a71c704904e5c9535d91c7b3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 09:26:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827f2c41c85a24c4-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 408C
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800

Redirect headers

location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date
Sat, 18 Nov 2023 09:26:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
652d26b6843eb9eeda76728d
c.bannerflow.net/a/ Frame 20F0 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/652d26b6843eb9eeda76728d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuPfAsaWFTKZqJYAQYNqd8Du6f8XchFRyoyIeSPD5DqN4F3tfRQQeqQ0_HwDYWkzRWmvVLt4s-JX28UW1RQBKddJ0nZAd6xL2fZQkZv36BSZa7kiv1eU2Y1lCW5KJ3yy-DTQQ2u8gt6YuzG9sTOHbnwh3Mtus2-NrW3CsGxFCB2-ScO7B0_eeuVQvBWp6gDQ9JDv_6wRV0dM0J2wsRCrpBPjXGSw26PzpMD2CD9_SATRaLcez-9r2V4j910LCH6dKAGVyKwa6XCsrDp0Wdgmc6T9UITd4ofD8JyKMAg79epBhfP67DoirFa1xzalR6fKCHuHt7Tgs_k3H6NZqD2bRlSPqSTXAtNCnReCBSkNHGtiSoIBW5IoR8hmXuJ7Z6J41sDU_xiU475VfmOpqZWVGMkMieYMjYcAdj1aviU7p3F-aMJADNw9yzGnwDFgyzcCzRHDIENe2lqJylRfAzcyCf-f3Tb5Z2dZLVeh0eiwUl3oxmKLVRi_5vW1fr7YowVztcq5j-G0SWBc-LAny3Xsp_mMoaMEhJ6P66uHCtmklKsbv-bsirZ8WVysiPBFPYUf023ZYgWhxi6V0FHzinp7C-c9i2pR6AU5jw8xYyA9GdkBLdsg0Acq8WPbpAt7akVNi1sTtjlGbwrV5ejCWPtIdqgUutr-GJrfISU8_DVnZBYjVWtWOfqMHX3sd8N5kEref0ASzEBeDCvurX-rsrVMn6xdLBwkRmTazIsBkZMkTVLAhds275WiA9vTTlLS3_rDYjZX7ePh8wIoVqWckHevXLy5clBg_adl-8Iy5xqIKWRJHxTaOCbM56WjpKUG16h9DIiELmtCAvpwgkkOUW4CpJ7d2jWgZ1oC7R7-NJ104hIO1MmXV-uWuIOqS5Y1uyUduADDBLKKcrc6V2UzI5JPec33ib6nhpldqglwY5PI2jgfjLMZfzUrQj1E9pCcBohL09yTk8mDdYxdxdsNJfSDAGViqPGGO_YlWPOFgcGsZNalqyxl1uqeRDkRCcD8tskLdWYlf9iOMzdZ_An0DXhM6X1LuLBWsZGcpJrmcRfD7SdSUclZcHpv7doBkx4ziuZ1NgUlreaQPe-WnYi2QYKkSlWVfBald4xtN1ZIGPFNSc4Z6R1yJT1VBAJkV20b8meAjL3ciL2cqrNwXgNh8ry3Okr-4rvRcK_lFUGYHzqwvA6DuAfqA2qDe8VLnMwbNtzSxw_K88wx71FyDZkwbszo69xUwnCP6g1YcnFU-wOAEbec-AEa6mXzSlnhyr65sTh6xRGTDK1BpocLLif2CSlY4VOlO-qyrGGnjrxoQdgancBxB14Az8biMRifAviq79IrEUigrCbff8EPUXYRUjuWO3q67v1ktAuKkp717yNMUEtRrusX9wMcCs-OdRlM25EHQcLp23h_fETGE7jsNy8b0DZj33DVVKzTOr7DcDxbiSH78ZUodr_QA81w81Qao9Cu1pnnxcFGbDwrV1quWVGyWXQmVz7Qw%26sai%3DAMfl-YS0HQC0tIMZB6Z-xdS2_YWdFcpdKfSRM7BBEc_yooU6B81rxHJanlRmlnBHm7VPvwbmohzceerVVMQTc1Uyw2YE1q_Fw90FagDg5oFsBHKt-VJeHFn-v7g15aiaWVFcgLDpARNFOqkgLX0n1JbsDseR9MoHAXt7xUrPQqhOfzzgXx1auky4F7MYincEOm3iUjpzD76_Vi3HPZ9weVqyXeTyWfTnDcAUPfBCBFJDmyaZkhzOjL_1GgeZENTbrsk9t5Pv2p5429Hiux4bKl61fzPuQ9WkBQz1%26sig%3DCg0ArKJSzF4xJJ5wL9QWEAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403473053583933440/CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d545202ded079b782dd3003825ccaade849837a71c704904e5c9535d91c7b3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 09:26:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827f2c41c86724c4-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
c23d1971-1be1-a1b5-9fef-9cfdc189709f
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
84d20d6d9646eac4d68b2ef87e2ba5ef7131c4f7831be173c4fc2819074da6e0

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b92fb35dd9bf2f86b732652e57da3667da6d03207a8a9c3ded2843ea7fb6827e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
80793de3b040a4c5f6b486b49674518b0a9a986f6b3f3baf0e7c30f19e189c1b
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092636Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
f7556098-35c2-d3fa-aa87-e514efaa02d0
Content-Length
133
x-amz-id-2
PicE10izocR45EZDij2teHepA+jhuMBkR/qzQnryFB8fIXVKo5iBA3BqGoxB9lC5P8dOSl4NTp1j0d4Z60+bNX0sp0EzOkEV
Content-Type
application/x-amz-json-1.1
csi
csi.gstatic.com/ Frame B063 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lp3uh99n&chm=1&c=4076639824696142&ctx=2&qqid=CKGsjcedzYIDFTUIVQgdZSsAkA&met.4=fb.ra~lb.4n0~cmrload.57a~ol.5pv~idt.-gq~dt.-1bg&met.3=492.rd_1~443.5j0~441.5j4~440.5pk~440.5pq~443.5pq~438.5pq~441.5pu~438.5pu~439.5pu~438.5pu~113.6c3_5~112.6c1_7&met.1=1.lp3uh2xl~6.a~7.a~8.a~9.a~10.a~12.f~13.1g~14.1i~15.7y~16.547~17.547~18.548~19.5pc~20.5pc~21.5pw~22.4oy~23.4oy&met.7=CBsQCBgBKAowNjj0OWgPcDR4iReAAd0UiAGSMLABAbgBAw~CBsQDSDuBDjiAg~CBsQCiDbBzjABA~CBsQCiDcBzjJAg~CBsQBiDiBziDAw~CBsQBiDiBziCAw~CBsQBiDiBzjFAg~CBsQBiDiBziPBA~CBsQBiDiBzirAg~CB4QChgBIOIHKOIHMMQLOOIDaPEKcMMLeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIOMHKOMHMMMLOOEDaPEKcMILeIlFgAHdQogB8KEBsAEBuAED~CBsQBhgBIOMHKOMHML4IOFs~CBEQChgBIOMHKOMHMMELON8DUOYHWPEKYJkKaPEKcMALeK40gAGCMogBi70BsAEBuAED~CCoQChgBIOMHKOMHMKQNOMEFUIAIWMYLYLIKaMcLcPkMeNr-A4ABrvwDiAHd0AywAQG4AQM~CBsQBiDjBzj5AQ~CBsQCiCDGDiQAw~CBsQDSDoGDjUBQ~CBsQDSCsGTjCBg~CBsQBSCyGTiLGA~CBsQDSDAGTisBg~CBsQDSDBGTg8~CBsQDSD9HTitBA~CBsQDSD_HTjGAQ~CBsQDSCBHjjEAQ~CBsQDSCpHziMAw~CBsQCiDJIThg~CBsQDSCCIjjJAg~CBsQDSD1KTh0~CBsQDSD_KTi4Ag~CBsQDSDYLTiHAg~CBsQBSD0LjjZCg~CBwQBRgBIPkuKPkuMLsvOENoji9wuy94lgeAAeoEiAGWCbABAbgBAw~CBsQCiDuMDhW~CBsQASCVODg8~CBsQDSDxOTikAg~CCEQBhgBIPM5KPM5MM86OFw~CCgQChgBIKo7KKo7MPQ7OEpoqztw8zt40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD3A 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3831359033749&version=m202311060101&ct=76&x=67&cor=18129275253088823000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:36 GMT
x-amzn-RequestId
f6b10ae3-00e8-3aa0-ab63-8f6f153ed5ab
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
e48a63110f0df8c1b2cf588844afa848d8ea61738fccd2e2925dc32dfc3f896b

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=75bb2acf8252d3c688277d7584c8c468bf85e03a67286d927b6dacee93b15a57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
e88cc3c8edb4cb0dd0b4e58efc04c13e39f2e9627c264198649c035bf9d7968d
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092636Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:37 GMT
x-amzn-RequestId
f4c336cc-55b4-a5c7-a911-b34140624acc
Content-Length
133
x-amz-id-2
H3ELsakyk08YeAqlnyO4RLAPT2IV+uzpwX0MKTZjBMMdrzZn9K6l/ZmvAeN6C7DffH4ZgPlPtwrd8Pe84XXKU48mc3V57PY6
Content-Type
application/x-amz-json-1.1
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AFD5 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:26:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AFD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmQ1lFx2dQNrxqJQAsWrMxXTD-gH38ITxf9y6l4kfSI-k810nyy_HeZHFGWALX2zEU4U95049mTagMx1S7KzqUuGPyYImwu76hXL_C4eXRKl1xcFphvPjTH-KpNzoZVQPa0PoU3Wbj9kwLXMY--NmFpFXXIEpMd5w2FS9-WDhnWyJfMAAw9WhSts2ETQJ0yx5pn4UFPfvQ6gWbMa1uEEsUYzznpYYDSydTBwUs8ow1abIIPhFEo5-u49uNJDU4bCJxhc9laZdufW_rEa5M9m7VVDLnNhaGyplrAUzQsPNDG__pcM_fGSBwGo-jtWtZGgAuni04rryqYNt2-VXgMyEX_wcrt7N1-Z-1ssMvodtPnnwBQ3003MzYLmvy2YPm04v8lX8dNy2MkdxJqdzEnkEio2jK7AsrhOV3x3pwVHTLQDVxY7EC3ptMF41HzCY0cgnhXkZ_IYzxGKC6-7vHkkU4aUAlvP8EJfC7ScNjxGPNDXd5Cwj3mqyxXKVzBLwF80pF84bK4PB5Hu19SCSvETqPAp0pjMXMi6r3-D2vvXda4Su7ssTBzMKMkCj9JO_eyCqUDil5O3RJEO92yA0Rqy9QjPRsniOmq5kyCikp0zp5d68Vlq5BI3OL5f3c-4i4AXIFEhkkBcyUXGxpKsOLXVlplOQbG7ZzRMu9avAeIr5ltMCn0xbeJFBs7tEI8fcj1hkC9LqFeMGzZmmqtFakxMGfl552nTWQ3RJ-5EcMDbBVbYjNAmlHP8xaPUmgZSwBwkyB-VH2_vr3v_tr1mLEB3sC1RtrSfV1VMX-7XAKH13NQmnp1zbnCnUQS8YE_ODc0t0oDe2-xDSHsKRi4B3LnGm-okknGdI4LyYHBt0ebMT4D92msQ7H0SaREOGuz3gqoYaFF11i3LlI5yKKUzSySyraVHGd07gwumOS_y8_qYZBqAAX9seM51cO5AhyzvpzeDI7SbUM8ebJVMvRYSyLywNYxGsl6HMasvHLtESLwZa3RXq9ORCKDJkIvgIv38-ve-Nwfgp-Zaj0xfhgd71xP_-R82zN2zOoAwTuDXa2fwcBOoqw850V5wIBrQ8SjspRziVMmTr8ZnR-4o-95vtVC5lrtm-IgkIhQwGns53SJERkVO32W_FLI77aTuqL6vV8n0VGadMOhytkvESbJCD40qNeGpzUU5ItpEq6SQ970ebOvuSF3BygB18GlQxixH2_A2ODKMF1iyBvcuai75ndOUkep7A-r6TAbJbcq78YgfzUkMi-jlvAonja_7ODY4WKtJ7C-etPEf-_BFJoTAWf8EOWQEEdjBcFnbd8rGBwgaRXaUuLmcDPm12s1auU3N-0N8ud94_x8x4jOroZxvaGBCwTXGMTH6tN3yhAeuhvNyypIVJDMCYEh8u3OyfnZVxEe0Fsb6EiQAGfBfpwM-vI_YyCdXF0Nqu9ExBov7f5HKmuy5XQDBhU&sai=AMfl-YRKuLiMacVM5r-v7JoPxyyIkxijSrBsFjEiQAatysZbuSz8jLK0SR4BPADxXa27ubVrfxM5EPaRDAEWobFThSjfR0V02zF_cGREczghciHl8JJb9k974qzLy_wx2f1a5cZpAL8L7tCTtkKy8fg2mrt4uae9diiBVG4IXPRyAFKg9WZyLKckD8VsjeAIbbj9ocP6TFE1s7syWJzMwAw3q1Hu7osx4WvrDFbeGkyGr1croVKYTe1Ud5dDE9twGCnvVDe5UtxF8tLvsjodndJroQ&sig=Cg0ArKJSzNRLywz3Et3iEAE&uach_m=[UACH]&pr=8:414555A0233F1638&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1687&vt=11&dtpt=574&dett=3&cstd=1687&cisv=r20231109.72634&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CH-EN_Options_Core_Messaging-1-Global-300x600-638325444140859338-7a0e12a8-cfa6-4117-9cfc-18a44ed9c9bc.html
s0.2mdn.net/sadbundle/878616523147575296/ Frame 0461 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/878616523147575296/CH-EN_Options_Core_Messaging-1-Global-300x600-638325444140859338-7a0e12a8-cfa6-4117-9cfc-18a44ed9c9bc.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
0ee9e911116d9c87ebf25b8d22119d94618cbe958de58d405af3b58226eb3932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
214149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1418
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 21:57:27 GMT
expires
Thu, 14 Nov 2024 21:57:27 GMT
last-modified
Tue, 10 Oct 2023 14:20:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame AFD5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtSXhR4NYZee-Ev2G1PIPmIeGoAqH9JKQXOjrpun1BMCNtwEQASAAYPWFyoHcBIIBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgSIAk_QGuwg9Mee07jWiJNeBQEbPIyKQQVKrLD6pLkqlnwRiz6wXIf0bwhszzqH-0QvAf7-Ph96TSH8DEx0YBXay7paUdKxRHuJPPCi63bXBKqkDuCUUA-Y1zotpcHIk3QXnk_07xqwp-pq5b6RzS4xBd4muplW-lWrqzkWBNvW4ES17e7bR-TIFsOFgnDqyT5MO1iUM__n4mr34ogHncp9EY8vRlIREsFXiK8r9rwiENnKk2zBaOBFq1XWTBEMbz9EutV-AA-DjyQnfn7w7hbqKwS8T8TPXh6UDKpGv--bePG8xOQ91NgKTgULqTcp-FXcYNLHQJmtey5px5ALI4BrMSteS3ADuv9ziuAEAYAGqJ-T-tjF5IcKoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCPvlmcmdzYIDFX0DVQgdmIMBpNAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=ogK7G_lWSEo&uach_m=[UACH]&cid=CAQSPADICaaND3FDbz696pzw6A86mPNpjrl7nnwxnkttxMh-STF3qkvyoFQZyIHB7hRID99SSqkCpmV1W3z6MhgB&tpd=AGWhJmug283nW6oLDNi9r2cQIXjxBKpd0sNrsWtvKmbCyn085aGb-JRsoR9QWMXsHKNGqF1h5u2A-rerldQvSmjCksKzWzMOsayL4tWVdfR-iRYd7TC1cyqpS-B0ebGSnKRaP--tADzczgh0AHUFZDSSJ5nx8ERbhOxQsyon_5FokuIsno7U7NRjlu4mrlAnMAT8mqbKqb0Fe1GqJQcY5vxgIuabjJTH6XiT_YgkziaJ1CQVsSEpf9jTRV-Og3DwFWteG4K5bDLH3a3HVQ5Lc6kOxha93r44ae20tdB8SgxGZDw1MAyaJuay-bevp6AndKygIEYF48q3Z78z-AMim4rq4jHWw1AQqdoT1WhubaY5onehm8u7vdfSlrgKxHF9fTmptBSEePSCDxBq1f1V2JsOAlJAV9pnNDreXL9dLbYEHwu2vB_AsO_HJPd5hTDNAdVQN0AEOZwKaUqeEi--nfDycEJ4yni71aTY6TLZoHGAmypzKe9UOEQbS2UEoR27Al3k2mqLpX9-lJpGyHJsa87dNLKMxz-cwgvD0z8SIkU0BCnJ0gtmOS8HnISrwwiKb6MFyPYV-0-0QRugW6t4ptrb5Plt6Lev8CE1FOPPCdmSq2O0A3-CKbfAXyGCsb4Jmyad0AiugZwCGwcXy47KmdnYjCH47z_hsLWMi_5z6wKujfZSzyIWvECDzXlgEnaLLmDh4tSAkLjG_ghNoVMDHgTynac_LcVUpnjqRzqxnwD0u-yYfieu7wDitzvjEqkPnWg&cbvp=2&vis=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame F0DA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlZpRFRBQUFodWdCMkFCVQ==&google_gid=CAESEF6Z2M7TRDm4C9xnsYiV5es&google_cver=1&google_push=AXcoOmQdvVjcz7zYDZzBUJeA9A3VorwYMz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlZpRFRBQUFodWdCMkFCVQ==&google_gid=CAESEF6Z2M7TRDm4C9xnsYiV5es&google_cver=1&google_push=AXcoOmQdvVjcz7zYDZzBUJeA9A3VorwYMz4HRyXc2SumzVKdQrK2Z5snCBQmuwOHQxiNmONsWn0ykVPPSfW475ymt2cbENuKcK2meQ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-vie6325-VIE
pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700299597.972752,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlZpRFRBQUFodWdCMkFCVQ==&google_gid=CAESEF6Z2M7TRDm4C9xnsYiV5es&google_cver=1&google_push=AXcoOmQdvVjcz7zYDZzBUJeA9A3VorwYMz4HRyXc2SumzVKdQrK2Z5snCBQmuwOHQxiNmONsWn0ykVPPSfW475ymt2cbENuKcK2meQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame F0DA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENEry3vG7MJ-T22lr76Irqw&google_cver=1&google_push=AXcoOmSG1smXame-TrGetYTI0XhlNdL_ByrMzbWSsIp0u3sZhgpNBxY4lGwuFF0AqjynUNb0D5ptDwSC0RHUYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg0MA%3D%3D&google_push=AXcoOmSG1smXame-TrGetYTI0XhlNdL_ByrMzbWSsIp0u3sZhgpNBxY4lGwuFF0AqjynUNb0D5ptDwSC0RHUYmOd2i...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg0MA%3D%3D&google_push=AXcoOmSG1smXame-TrGetYTI0XhlNdL_ByrMzbWSsIp0u3sZhgpNBxY4lGwuFF0AqjynUNb0D5ptDwSC0RHUYmOd2iH6CrrOH7J8
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjczMTE1MzkzMDkwOTg0MA%3D%3D&google_push=AXcoOmSG1smXame-TrGetYTI0XhlNdL_ByrMzbWSsIp0u3sZhgpNBxY4lGwuFF0AqjynUNb0D5ptDwSC0RHUYmOd2iH6CrrOH7J8
Date
Sat, 18 Nov 2023 09:26:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame F0DA
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENBEHDh0raE0Y77ecHs4djE&google_cver=1&google_push=AXcoOmSmy7kWEAze7W-bwDJpT_Qh8TOZ3QXCK2Kn-dLqS3k5KGqkjBq1gRHn0AvxQjg8EB0U1h5Aq5VAJBNscdd3joqHmeb...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSmy7kWEAze7W-bwDJpT_Qh8TOZ3QXCK2Kn-dLqS3k5KGqkjBq1gRHn0AvxQjg8EB0U1h5Aq5VAJBNscdd3joqHmebd-DqMRg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSmy7kWEAze7W-bwDJpT_Qh8TOZ3QXCK2Kn-dLqS3k5KGqkjBq1gRHn0AvxQjg8EB0U1h5Aq5VAJBNscdd3joqHmebd-DqMRg
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSmy7kWEAze7W-bwDJpT_Qh8TOZ3QXCK2Kn-dLqS3k5KGqkjBq1gRHn0AvxQjg8EB0U1h5Aq5VAJBNscdd3joqHmebd-DqMRg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame F0DA
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENScDt1iPmW729WNVXdJCII&google_cver=1&google_push=AXcoOmS_5UgBQZg5_yg9uwoYIGh9orbOtET9_VKXT9iUse1J8_U2aljvhx07boja_DNGSKbAH_Bg-iubDgtroHnc7...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS_5UgBQZg5_yg9uwoYIGh9orbOtET9_VKXT9iUse1J8_U2aljvhx07boja_DNGSKbAH_Bg-iubDgtroHnc7V2UPMkNL_i2kA&google_hm=HrRWqQZHIY778zB1T1OV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS_5UgBQZg5_yg9uwoYIGh9orbOtET9_VKXT9iUse1J8_U2aljvhx07boja_DNGSKbAH_Bg-iubDgtroHnc7V2UPMkNL_i2kA&google_hm=HrRWqQZHIY778zB1T1OVMcYz
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 18 Nov 2023 09:26:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS_5UgBQZg5_yg9uwoYIGh9orbOtET9_VKXT9iUse1J8_U2aljvhx07boja_DNGSKbAH_Bg-iubDgtroHnc7V2UPMkNL_i2kA&google_hm=HrRWqQZHIY778zB1T1OVMcYz
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame F0DA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.targeting.unrulymedia.com/csync/RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRPJKt337--I_ifd5B6Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRPJKt337--I_ifd5B6Y-hMZ0npQnOmklEvbohh66RZeVt_PhG-dzCDzx4kCW_dp0kEB8vMtktHsx94rOqP2ebLisB6GxbkOg&google_hm=A5BtFb4Zck6dvX0YrhykW7E
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRPJKt337--I_ifd5B6Y-hMZ0npQnOmklEvbohh66RZeVt_PhG-dzCDzx4kCW_dp0kEB8vMtktHsx94rOqP2ebLisB6GxbkOg&google_hm=A5BtFb4Zck6dvX0YrhykW7E
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRPJKt337--I_ifd5B6Y-hMZ0npQnOmklEvbohh66RZeVt_PhG-dzCDzx4kCW_dp0kEB8vMtktHsx94rOqP2ebLisB6GxbkOg&google_hm=A5BtFb4Zck6dvX0YrhykW7E
date
Sat, 18 Nov 2023 09:26:37 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX906d15be19724e9dbd7d18ae1ca45bb1003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame F0DA
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRpJ-WfvtyHyOlvvIWVMmkT4-1Hs2pxW_U7Wf8iPHbPkUE6AYJWjIB-M0-MUE2pq5GKnhWNeFFLFQWrY_hRXJiYLZUFUQAg-Q&google_gid=CAESEL0SgtmcDOP...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVNjkzMWE0N2IzNWNiNDBmZGFiN2YzNjIyMzkzZWM5M2U&google_nid=opera_norway_as&google_push=AXcoOmRpJ-Wf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVNjkzMWE0N2IzNWNiNDBmZGFiN2YzNjIyMzkzZWM5M2U&google_nid=opera_norway_as&google_push=AXcoOmRpJ-WfvtyHyOlvvIWVMmkT4-1Hs2pxW_U7Wf8iPHbPkUE6AYJWjIB-M0-MUE2pq5GKnhWNeFFLFQWrY_hRXJiYLZUFUQAg-Q
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:36 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL0SgtmcDOPt0proOLngvmQ&google_hm=T1BVNjkzMWE0N2IzNWNiNDBmZGFiN2YzNjIyMzkzZWM5M2U&google_nid=opera_norway_as&google_push=AXcoOmRpJ-WfvtyHyOlvvIWVMmkT4-1Hs2pxW_U7Wf8iPHbPkUE6AYJWjIB-M0-MUE2pq5GKnhWNeFFLFQWrY_hRXJiYLZUFUQAg-Q
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
326
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F0DA
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEJkAPqh_G8yp9t2icYv_zqM&google_cver=1&google_push=AXcoOmQRmBCtpwvhmucyK-ZvxH7ZllwltGTC8AO6etr9dd-yU5xBULwmbV_CMDRnLT1s4FM5raleYC02HbDGLd-WwoNdlrR-H...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQRmBCtpwvhmucyK-ZvxH7ZllwltGTC8AO6etr9dd-yU5xBULwmbV_CMDRnLT1s4FM5raleYC02HbDGLd-WwoNdlrR-Hi8jZHs&google_hm=f34e969978f...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQRmBCtpwvhmucyK-ZvxH7ZllwltGTC8AO6etr9dd-yU5xBULwmbV_CMDRnLT1s4FM5raleYC02HbDGLd-WwoNdlrR-Hi8jZHs&google_hm=f34e969978f0b1271k9hgw00lp3uh87v
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQRmBCtpwvhmucyK-ZvxH7ZllwltGTC8AO6etr9dd-yU5xBULwmbV_CMDRnLT1s4FM5raleYC02HbDGLd-WwoNdlrR-Hi8jZHs&google_hm=f34e969978f0b1271k9hgw00lp3uh87v
date
Sat, 18 Nov 2023 09:26:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame F0DA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0TaRRPwQMeiqznxinbNddFurjcfqBGn7qP5NNxmurP5zWXBodS6bS5gNS258fJh6ljm0VZas
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
652d25f2843eb9eeda767251
c.bannerflow.net/a/ Frame FB58 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/652d25f2843eb9eeda767251?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu0SfDSRm9QKTl3QIJtXssZusSkWj6_H7O6sSlQWQV8Vb5sJzGthOimRkEyuooQf3oRdBZnuZBXldTvMR5jK59oCeam5wwJEaFmHbx5JCpMohvWlomzBfQa5t7fE3FOU-kZuk7qfT1NNQTGnNYSHcZgqbnqPJ5RZZx5AZus8M-HPKGTTfFA3Y47D019zps9sR8gOjTijTE0WWwJXHXd12K3FfXEzmSUwVc6e9Y1jUdPh_l5TzBoND2E5hnbkFpMJnCBMvcX6S5WJYPBF58oxlcb_V2DaEdRqmBD1AioF2lr25xBgedPEqYu7Cw1_iKV9wHiwSn9wo5XxlkHYy5Fa0Fjg6tuKtGJxC7MwGLfdF6mwohnpEs5LoscoZ4J36P4pW6IfSZ3BoOhBPFe9_bf3oOZVh8bYDBpD2YCC0KrsKoj5g20YAeEzvoNNEEm8NEXReuVIOAWJCbuZJjfRBTSgPQiG8FPRQK3mZQzdmnVrwKobYFdLkIYe7IjJfxzMoNGhGR2eDx9N7q5mZegsbm8-4kkyU7xLFVGst_Y_Wj2pH3lsuiNWPVzWfmzI2NED-1KZ-P_XoWID1xK1w7V-_6PHeLGAQgV544Gpe5RF045hH45Nmz1n_G0OCvR42aiXCpkp0viMIIUPSax7zSHPFvEZTAe1WH_VP0iIoWZHejNRiqHL4QNz4NNEvDDFRDmAMdCxTKBr6OxKEtWDgNHQnk7mrYuxFDc43G9CJBvFYhFc90CFlsq_C3iXChNg4gAQa_acohKq-M1ljGqvljoDoDGAsa-uSzukDxqeFIDKvHm02NwvnvCh1oGqPA4q-0EL_fGK2O4et-agbtA3l5aKqNuXKlfHuGi7CsPou4mS362wVDZGQp5Ac7vcrghhXUoq2ytkn0P79F0IqSQsI5qKKMAbk02I4Ru1MOkNuTbAOSgd9LHC6erWKvOJJ1pAxwFLKYLkKB8sfjz4QZjRd4piL9B0adloYNCz2anKIkUuMjqxC7u6VZ3_r542fcPY15iCesCXdQbRXkg4tFHicyRLASLrLsL17IByz_BabhAwNESXKv94IxUpMtiRt1fZrY1L1fi2sOs32Fr2iJoOmY3T7wZ5XsGznzqbru9dF-yuyZCj6ntIYICc9GUMhqawO1iFSYgyU_s6pu6w27HkZsQlD6orHD1gpMLQlIt6eWeTsmhYGMPtAwSiJUOhZdnWnY1NbCCGkR19tgPpyvp_dw6dwAgeFt1pAumW8bF7Nti2LI2Y811SGWa4w_SaPq71idOJF5km6E87FZvCYtXhg6px_KVVnS39CGN4azxYQFQkSsb45gM4JSf0VZ0_PaHdyLkgJ4Wvd2fiNHlGrQ0d4UaFEU133svSBTLmnA-gTHw9j-A5DJVCSZn66ED-LNgzcyZN6EWUVQTkpvocRRnOoSYF2v6FnB6CxPnVLDTMlq8XH3boFjsJDX4gAloKODxoXsg9gRuql0k-qQqjaoyp5U%26sai%3DAMfl-YS3SXYB1GeofkiCIGQZK0RL9XB4KirW_zCpFP8m4e-0QmgjDxJKq1f5SbBMgx_bkK6FAflBDRXoE9l-Q9g1CKDCukZh-W7tDeSPOHv_V9RP8RCs5Hvv-wxOPkh-VqTqn3dwKzS2HyXx9v9jsMfQ8YoFjTxQVehg-TMhAUlXfKHU5WQ7w5T2JwqHQ-vHTIarmBgyZEyEWbfRzVX_F2S1sx8Ac36Cn7ptLkKKtrOl-zBOaAnlTwnhOLykcuMLYVkNSfhaOfRjwrlNmzUnlkaIXytw1F-WeplF%26sig%3DCg0ArKJSzI5O3KpS2tm6EAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fcampaigns%252Ftrading-gold%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4861987547447820288/CH_DE_Price_Gold-1-ENCH-728x90-638330544809535212-9013d0e8-9e15-487f-a049-f6d6eac29397.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908ee4e8be9d2335eeccd1de048cc36aa6ef2a7998e06618f8c68c4759626a60

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 09:26:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827f2c41c85f24c4-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
652d261c843eb9eeda767266
c.bannerflow.net/a/ Frame 017E 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/652d261c843eb9eeda767266?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssRxeFXxDyo3De2Pi3Vhm1Qr_UJfAiP7GKTCZB05kzdu20TXw4_maYS_a3u1hP3sibf-KCRMbnYmqK_HJ-mnUNV32v-dC8Yqwp1aSDG_p9ts6YwyImM3ArtWjcUP6agpBZrk8Q1g6Hgdt9wrVMog7PgNzBtglZb89sWxH1gZEUWXor_ADJziDm81pV59fzmbSp6PknHnWLtlOZsl6ykPxpdsF2bA5s1E6dlxzYBmzaLMF9L9cKge6FYgqT-6LDvpRtolmp4Cg0iuc7pePo5i-wj4zVfVCHPfJ9M95F8pr3rRMJc8bs6Hlb5JJtJrS8E2OPfzI77rklk1I52Xqt9DX1kl-tEDhOEjSN1unjP-FN7o6nw3gzmlqWSAlksMijJyRhau7FC59lAkY9UxBqXxHs9J2iiQfNe0YHxqjeC4enQMTa6XjMI_-CTI4EWg8z3CgttBd5dan7_k0JHKXXTOi30YuLdfGKcJ0gysyGkBc-G7VANGpeFuv0Ci5F9_DDlggQUVokz9ae-Q1jh-RHPJV7i-8NWRzEJNC9N5_bJQgxK0Z7jhZcGIIL0jEeMNp9Thz085Y8VeC_WtcjN849RH8emqViz5IrpV_AOEXSX6qMDW9DQCA3pYMnFmAP_W_xKqcozVErAknX3Nfe_2ktkmubvlVrkSOCM7uUX1nuOBTRFUheym_4IELoHSmH6CzmvlwcBU6EpQC1LB61igG0TaQzzJ2r1WKEj6idEZn5oEdBvlrWvAX-JW9UdqRifH2jx-3941WwVjiNLHvEC13zISyebbSO1Bf18FdiRBS-vzvomP2V98aDu4WzwSAWSP_fSjNPoyTm0hkPvGWH5Cq2Oq1cN7dfOSHzIOKXptNALyVvuSA0fiXdi0-ZRAA7CaOj_3JJyOv4tUPhHtLNPNKvnLD6TbjDrrWxRFryQRDxacDvfxssq_tYl25NBkpykU4HivIEBLhTZYIJSmKeZ98NipnSHYsMqcXeuFuGTrjwQcRBQuksZjHnHGroZRheTpMeyIMLqDzu26InhPw_Xhpz-AbONFhmRGxmdW04cNKG8db50Lb19DyOWm1wMj5BJ4AkX7A1YNBH5C3IBltuUceWffKiFadj2yMIC7Tykv8dFoF2TSGaOJd6X24bIya4ynv_djADoqIN2zU2ML5K0mrsadcjoh8iVO5kwKf76PLGRzkgFKik4hhE9AG6XvzovQhII4DkRnMPdb1g8vMv3s4oLsIBJHisNI72WVDR7syQ8n3eKXHHLUQIXHotYvMgPLvfmIcr5_0Bt23Hlg4g2k2iRAj5XBwHABNEVRXqlEVpR8YO7N9ul9-MGbuF3nEtjPKI6KcEI1QbBSbZnx97NOy-Nmn7zU-NBiMlQD2zqBAgXigfpzClUprr6CfOUbhtJCI1JVLN6KidrSS4XgfgT5-CjL9tZzeHO6Njk63MtxtCPISxMIHmHVa2rgp4KNj0G__uuLokDEgXJ1Z50RcFNdsV2iNGTzmO6%26sai%3DAMfl-YQaMX6XqXq8u_L9uNOvhNT4JyOl7SDxiVlHckkl5rFBaUntrYBV8x_UA81y_9815_6lK67U-lv8jHv2eSmsxjNkWQ73dppv5EHtwYFlJOVY09WWx6icNNFp9HYmLI7KjYDlublOkqX0LPbIGZKCQnAw9ygzSpxm0tPrcv3kKCPelmY5YiFCZa_q23tBJoMApi1_5kkx6esI33_k63s_-VdlptM3-NtyBBGHC6Hf1DxC8uy5Vjpe2FMCB9ioaZGCUBA1-5nXB5L-atPoLcGtoWOr_LO9Ov48%26sig%3DCg0ArKJSzDG4mMaS8ptpEAE%26pr%3D67%3A0.136704%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Fforex%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18180890864186818560/CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fcbee980e745d60a339bae632746b8c28da2eccb95afb4e4ce2b98ed1015a2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 09:26:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827f2c41c86424c4-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
viewability
hal90005.redintelligence.net/ Frame D130 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/viewability?s=20504700034430604438266012512005&a=313e4362&vb=m
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=20504700034430604438266012512005&a=63a9d708
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal90005.redintelligence.net/request_content.php?s=20504700034430604438266012512005&a=63a9d708
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 09:26:37 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
652d261c843eb9eeda767266
c.bannerflow.net/a/ Frame 5DA7 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/652d261c843eb9eeda767266?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvsAZbv5UQ7YhbVeQdUUm2-2fc1FlSCeyw2rMsLF8aSj8h6ncA-zrll9f4DNN1DGziLuihtcs9E4WAKEhc3xvkrrhe3wJUtTMkCfHA9j5hU_UKBJRGHfI9hM6YX-XFbmyX_Ft2TqUrE-pQp27WaKVO3A-FZS-fLk951manRYxSIxyZUvb-ctpJXbae-nXqWo5r2fSybXcaPMzOI3_HrnrtoD68Z0ejnCAttSQeMod6Sz0Cm48hfUJeM4fa4aTwk_bFqop4T3PfFi-XNxMThWLiesq3vNXDvh2DNlp55_EE6hkdTHasOG7HC02iyNq8W19glbgBnNKYPEmgfWo7t796VdN31oSSCGw7L1altBP9zjWOzLNNqvZ-CQOnhuIxvQbmWUv5wRmbxh0naPmBWcB1u94XB9EaoYFbaAIputPPJ52RIHIDXoZz8u43ftq-rMChiZFBlOeVkccGAy0gQ4xHWNh_b_dgLGu3b0jdMhJi9A1tb46cziT7Hy_b5rXgLZvKOp7HdqJho8P3wHx2bP0VQ55lEkfmyA5Qo8Uy5g5eUoxdaemkvmsvZlzySVMtCUmm7PEtVzTBiUwOC_5Q3tJFw8OsAXqs_kkKCmPoIKg6QcG_T6qLMCtv7V2fxieBZUM00IwOUhXtn_H6Xhc_uy0yWGAyA4vxLqhUvTQgny6OnKjswfVxvED9HVnaBOztztqk0LwhFZi7hO_OjUonY4sDkDlBj45Um839CyFXTx06vF9owgJ4OPsEL3YdHAydalHBU5mDeDRvhVaLwY7FMJmhkLVGuRYaGr0YjelH5rmFiAby_ATVnMaIfeywcN6XBDfeaU8GOusBBQUJgguuzMyYG8dNxjfk1aXTx_viOJLN1kLZ_2urd1TvMQ9qRROdn8aujrhNLUXgIF9wqPggZRAWmxVCPKU2O3dIRZez5QW6yfVv3kCS0FS_SHdf-DvIxzcgFk72J6XLhF8TaaECyDMzTtj_hX3myEmPrqO4uyio6pDq65wfORHc3qcct0c1oOR66LcLC14qRdIiXYwLDfI0mnDhTm9Fub8_b4drbY8LxIeZikjhr_6tjw80i9IaI6bLLw0VkHj87QRPIHOt89dF7wmbS-G5wuKqeJC8ilCI5Rf__rG5MIOl8y7kcw7QaWiFX60yrDOJi9C9HCdSMFaHkssMcgA51qayzqB0ZxOeSXKk8KYAnKxMoM5TxM3cd2ighNnpldr4DOw4O8WDepOzOCP_mqV72s1r6eUCM4G8OZV_L7S-GfAp8AIdkcu8MlFmtaRRVZ1ScI82BKwAFYo7F4lwlLLxpLbt2mK-xV35cbsHKtoTWQKjweFfdWF85lfABz6nlLHl5GcRKR3Dw7x0jfwE6K2Hjohk-Eio3msn5Jv8kcTIt4ClGafwV3oJeFKSc1lh6_8M6i_RiuH1hhED5SCVU-Ell8q4gSg0-OtW5EXCuo0sTAuc20ZNECxGbmSkHsgSpu7QVUEFsBOaAmzptM0eWpg%26sai%3DAMfl-YRbhFBE322qcLLjTxF1KtyTySLA4Wl_sVAZ-30bCuo9Fk1LuBPaCPaHNvoglavRBb6TCuLGz9mHTrHohlTpNgX6DWuUGj1gKK9rbvc_Dot2tZB2miUFUDEWOY_wrcxZ6Qny0wr-AHwnhUWutiWE2qb2ngr4Mc1uYSGVVLAQKG7QLg0dtqrCmtXlH3bWgW5Y6bN8ntUpjzh2k-vfnFiZ7hcb-1qij-FYSg7IH-SVhNNV54HAOFtpY-_i88by1D-g357Y6tyoC7V3f-oPGC03NTapah-UBXVq%26sig%3DCg0ArKJSzGQY69rlVFb1EAE%26pr%3D67%3A0.136704%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Fforex%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18180890864186818560/CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fcbee980e745d60a339bae632746b8c28da2eccb95afb4e4ce2b98ed1015a2a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 09:26:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827f2c41c86024c4-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
65264552843eb9eeda76293a
c.bannerflow.net/a/ Frame F02C 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/65264552843eb9eeda76293a?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstOsOMcO6K1CsOSo7oxLBgm7BOlbOLmq_HTdXjkgKvZAo7gXnjpcl6OZisao8yAQ1cwI2Z03xEexMgUCj_wUaeDsq4ZBnmRLczjnLuP1roOSVNvdWHYJlRBIkVoQlTy4mNK0PIrnC9QZJFAERNmFoyByuI0dyl36tKCEAlBsYIX325Mq_DjVytl3s8NlwLjtVTcTeDZ2hcTP6aJof7jU4Ei4_ZYp9Bjcg9Z6iPRX4XGiaCqOCc6w9EeRQnxeLNrjMgorlzlxadD2Dy6qWOl3UZzgfL0mwqyBQVHqnEtWMVzg2a19lr83j8KGbCBbQKrHFwzbxbX5Ko_8r6d5Eoew45j-t-3ma_SO0a5rWIcj4cfROF0OPnRGgWWKz-tXvtvMBUZI9mmFCN0UbyXpLBJ1ol33eySD-GiVTNl-vkVUap8VgYZU_yLKTkJHTmJgQ9r5xGaYATuXrsExZS8sUFsMnLLn8FZ6K1qXd-bNXE8x0VwPKK_lr1SgEQkQHz-9dbo-sZpt1NWrPumBhNP1AAfYfTmfIcFa6LK9TMk8stEguiBy2dhoWkdg5rNR19dEmm86IzcbY-RmMbB8B8rdRhIlgqDFjzFL3j-PNk7a6IAa1_bCqoC5ai9YRaEYvWvrfo2KnHq0Zv6x_ZexTeCM8VDU5MGBHJ4PZSOHGXAAuUOBPS2sMpWDbmQDqkeLsXFpmWAjK7j64J5g3ena8j6tXEuySarpgFiT9Hr036UqFaXE35m6B8BAqcWMyfvkyXD2cfZc5jZh_7FcUoWZykbA2bJy1ehvX3eSc6Ie-psV2OC5BuBx5suzdnOs1xEk-j5PTieRf1zoQUVjr8piFtfckyA-LZxn16C3e_bVt6vX1-w3bRmpaWHuT4a0xjJdjA2I7uUu2ZGxWvGCFMQBXBEFQFzbZ_QB9UNmhfJbN4UWjbN9UfV1R3NyMwvBbjiJON3YE5nVUZdz-KSoxT2ZMotqwpgVV4QkltmWzm1k39UUGB4Oyei5zMRniRM4dlQiQ1eiEo7SVN1fkFQH5RiuDaDqTPSE26ZhOzuGQgjm06KtuoOCKQCYbSzQse5ZFbWBbm9PClH1NS-DXhvX6EZdHTj3nOTtCohJNuUwTjl00WLiAXkDa373zsCXNJ1JIxTED2_pJRujOTSiQYJzh8NAwu8Kx83QlXTpt_qF6JyDtFlnax1LjghQx2Vkg2h7JLpApXiInE_8lQaALZ2iUTaakdmbPkR5OUY8ZfoCO1DjpjWMGoIAQ4fYX1oJkGciFcID9jxkASVOTCq1_w0QfelYYbn2-iXREjTTTRvtLlTQtMgHNnbB7oN9aDIJ-9AtMGNtwq1OALg9Tbyi_z5xAjqqNZsTk4qVeE5IUjgCrjJI8c7O8ju3NheeKLkSJ1uljFuCiVxMBtxamaAkZVzw1mOFGRXSK634_0jkyq6WD9rNHQUNo5sxLMtg1fieDnI8XcCWn5NgxpNpTjwO4XigbOrjNqg8loeAo%26sai%3DAMfl-YQdx_Z9ckfxvm269VUjbsgnfPP4ALmwMjTXww4GnB_KC_ulMN9Wb4gPKeSaqCKDKvMHaid9Ooxhx20GZ3hijuYeDTfS_XKu-_HGmBTTEk065dSLmhwOncmQaB8LZaseZEArPQTcjmhuxklwaLAX6VR8z5oI2H5cwK0gC_DhsRX7U8bgepJdHspuHKERVvcm0AxJONUbWiIWGtl5dIWDWVKpo50yTRaNXUqcygdaOskVDcyzJetQkzhHkPvqckPVQmrLm8Jx_1a-ELArz88BMLQ9NLO7ER_V%26sig%3DCg0ArKJSzEMlzCHiunrPEAE%26pr%3D8%3A489F9114CF8ACACE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fproducts%252Fcfds%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014735043_20642292212_524464410%2523platforms
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17177723152520708096/CH-EN_CFD_Price-1-Singapore-728x90-638326037557461764-6116462f-2685-4f3a-a48c-89017f79f1b9.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b665e5be543fddecc7656aa3ad9d413555226c9bb83756abbc4f73d2569eb956

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 09:26:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827f2c41d88524c4-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7F0 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6786117196072&version=m202309260101&ct=76&x=67&cor=14211877173526102000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9B3 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6459644328000&version=m202309260101&ct=76&x=67&cor=12428669718799270000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 7E2E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
58619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:09:38 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame AFD5 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
3422
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:29:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DEB4 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2340849309513&version=m202311060101&ct=76&x=67&cor=1832682424014107400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6063 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lp3uh9j9&chm=1&c=4076639824696142&ctx=2&qqid=COW14sedzYIDFQQV4Aod6Y8C9g&met.4=fb.1fd~lb.4mu~cmrload.50n~ol.5kw~idt.e6~dt.-gk&met.3=443.5cv~441.5cw~440.5kj~440.5kq~443.5kq~438.5kq~441.5kw~438.5kw~439.5kw~438.5kw~113.69o_2~112.69n_3&met.1=1.lp3uh39m~6.a~7.a~8.a~9.a~10.a~12.d~13.1k~14.1m~15.mu~16.4vn~17.4vn~18.4vn~19.5ka~20.5ka~21.5kw&met.7=CBsQCBgBKAowOjjAOGgOcDl4iReAAd0UiAGSMLABAbgBAw~CBsQDSCdDTiWAQ~CCEQBBgBIL0OKL0OMLQPOHc~CBsQCiC_DjhC~CBsQCiDADjhd~CBsQBiDIDji5Ag~CBsQBiDIDji4Ag~CBsQBiDIDji3Ag~CBsQBiDIDjh1~CBsQBiDJDjhU~CB4QChgBIMkOKMkOMMIPOHlozA5wwQ94gAyAAdQJiAGBFbABAbgBAw~CBsQBhgBIMkOKMkOMP8QOLYC~CBwQChgBIMkOKMkOML8POHZozA5wvg94iUWAAd1CiAHwoQGwAQG4AQM~CBEQChgBIMkOKMkOMMEPOHdozQ5wvw94rjSAAYIyiAGLvQGwAQG4AQM~CCoQChgBIMkOKMkOMLcROO4CaM0OcLIReNr-A4ABrvwDiAHd0AywAQG4AQM~CBsQBiDJDjjZAg~CBsQDSDgGDi1Ag~CBsQDSD1GDjwBA~CBsQDSChGTi7BA~CBsQDSCiGThG~CBsQCiCSGzhT~CBsQDSDPHjjLAg~CBsQCiD-JThX~CBsQBSDwLji7CQ~CBwQBRgBIPMuKPMuMMEvOE5o9y5wwC94lgeAAeoEiAGWCbABAbgBAw~CBsQCiDeLzjlAQ~CBsQASCpNjhl~CBsQDSC_ODisAg~CCgQChgBIPU6KPU6MLk7OERo9TpwtTt40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6063 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~lp3uh9qu&chm=1&c=4076639824696142&ctx=2&qqid=COW14sedzYIDFQQV4Aod6Y8C9g&met.6=6.1_ChAYxgcgpAEqCAgEEgQQATABChAYlgkg4AEqCAgEEgQQATABChAYggsglAEqCAgEEgQQATABChAYngwgqwIqCAgBEgQQATABChAY0g4gmwEqCAgEEgQQATABCg8Y-Q8geyoICAQSBBABMAEKEBivESCSASoICAQSBBABMAEKEBigEyCoASoICAQSBBABMAEKDBiFFSCOASoECAgSAAoLGKgWIH8qBAgIEgAKCxi2FyBbKgQICBIACgsYkxggOyoECAgSAAoLGNsYIEsqBAgIEgAKDBipGSCLASoECAgSAAoPGOQfIFMqCAgEEgQQATABCg8YxCAgSioICAQSBBABMAEKDxifISBIKggIBBIEEAEwAQoQGKMiIJYBKggIBBIEEAEwAQoMGL8jIJABKgQICBIACg8Y2yQgWCoICAQSBBABMAEKDxi_JyBAKggIBBIEEAEwAQoPGIkpIEMqCAgEEgQQATABCg8Y0ikgRCoICAQSBBABMAEKCxjDKyBEKgQICBIACgsY8C4gNyoECAgSAAoPGL8xIEwqCAgEEgQQATABCgsYwjMgayoECAUSAAoLGNM4IHwqBAgFEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame FD3A 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lp3uh9jd&chm=1&c=4076639824696142&ctx=2&qqid=CPSO4sedzYIDFU5H4AodaNUPMw&met.4=fb.14h~lb.3yi~cmrload.4ki~ol.5b3~idt.fu~dt.-ew&met.3=492.14i~374.4vw~440.5ap~440.5az~443.5az~438.5az~441.5b2~438.5b2~439.5b2~438.5b2~113.6bs_4~112.6br_5&met.1=1.lp3uh37m~6.a~7.a~8.a~9.a~10.a~12.c~13.2c~14.2d~15.nw~16.4k4~17.4k4~18.4k5~19.5a7~20.5aa~21.5b3&met.7=CBsQCBgBKAowVTjfNWgMcFR4iReAAd0UiAGSMLABAbgBAw~CBsQCiCzCzg7~CCgQBRgBILQLKLQLMJANONwBaLQMcI8NeJQDgAFoiAGZArABAbgBAw~CBwQChgBILULKLULMK8MOHtouQtwqAx4wYICgAGVgAKIAcHfBbABAbgBAw~CBsQBiC9CzhB~CBsQBiC9CzhC~CBwQBhgBIL0LKL0LMKQMOGdowgtwngx41gKAASqIASqwAQG4AQM~CBwQBhgBIL0LKL0LMJ0MOGBowgtwkAx4rAKwAQG4AQM~CB4QChgBIL0LKL0LMPELODRowgtw8At4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIL0LKL0LMO8LODJowgtw6wt4iUWAAd1CiAHwoQGwAQG4AQM~CBsQBhgBIL4LKL4LMPILODQ~CBEQChgBIL4LKL4LMPALODNowgtw7wt4rjSAAYIyiAGLvQGwAQG4AQM~CCoQChgBIL4LKL4LML0MOIABaMILcKQMeNr-A4ABrvwDiAHd0AywAQG4AQM~CBsQBiC-CzhJ~CBsQDSCTFzjEBA~CBsQDSDMFzjKBQ~CBsQDSDrFzivBQ~CBsQDSDsFzh9~CBwQARgBIJ0bKJ0bMOsbOE5onhtw6ht4rAKwAQG4AQM~CBwQARgBIJ8bKJ8bMPQbOFRooBtw8xt4rAKwAQG4AQM~CCgQChgBIKkbKKkbMIwcOGNoqhtwiBx4wrgCgAGWtgKIAYvnBbABAbgBAw~CBsQDSCiHTidBA~CCkQChgBIPQgKPQgMKclOLMEUIUhWKkkYLgjaKokcPckeKq5AoAB_rYCiAGx9QawAQG4AQM~CBwQChgBIPUgKPUgMJwhOCho9yBwmyF4miOAAe4giAGAWLABAbgBAw~CAkQChgBIPsgKPsgMLYhODto_CBwtSF4jl-AAeJciAH2-AGwAQG4AQM~CCcQChgBIP0gKP0gMLQhODho_SBwsyF4nW-AAfFsiAHpyQKwAQG4AQM~CBwQBRgBIJsmKJsmMMomOC5ooCZwySZ4lgeAAeoEiAGWCbABAbgBAw~CCIQBBgBIMYtKMYtMKMvON0BaMcucKIveKwCsAEBuAED~CCkQBhgBIMYtKMYtMOUzOJ8GQPgvSPgvUPgvWJ4zYKoyaJ4zcOQzeIVYgAHZVYgB2VWwAQG4AQM~CCcQBRgBILUwKLUwMPQwOD9otzBw8zB4oWiAAfVliAH-sAKwAQG4AQM~CBsQDSDdNTiKAg~CCoQChgBIOY1KOY1MNQ3OO8BaOY1cPk2eNr-A4ABrvwDiAHd0AywAQG4AQM~CCIQBBgBIOc1KOc1MLo2OFNo5zVwuTZ4rAKwAQG4AQM~CB8QBRgBIOc1KOc1MJU2OC5o6TVwlDZ4tg2AAYoLiAHgHbABAbgBAw~CCEQBhgBIOg1KOg1ML02OFU~CCgQChgBIPk3KPk3MKU4OC1o-TdwoTh40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F7F0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lp3uh9ka&chm=1&c=4076639824696142&ctx=2&qqid=CK_d4sedzYIDFX0DVQgdmIMBpA&met.4=fb.17w~lb.40a~cmrload.4pe~ol.5g1~idt.fc~dt.-fe&met.3=492.17x_1~374.4vg~440.5fp~440.5fy~443.5fy~438.5fy~441.5g0~438.5g0~439.5g0~438.5g0~113.6bq_3~112.6bp_3&met.1=1.lp3uh38l~6.c~7.c~8.c~9.c~10.c~12.f~13.2b~14.2c~15.nd~16.4k4~17.4k4~18.4k4~19.5fc~20.5fe~21.5g1&met.7=CBsQCBgBKAwwVDiRN2gPcFN4iReAAd0UiAGSMLABAbgBAw~CBsQCiCvDDgz~CCgQBRgBILAMKLAMMIENOFFoswxwgA14lAOAAWiIAZYCsAEBuAED~CBwQChgBILEMKLEMMKsNOHtosQxwiw14qfgBgAH99QGIAYXHBbABAbgBAw~CBsQBiC5DDhL~CBsQBiC5DDhK~CBwQBhgBILkMKLkMMJENOFhoxgxwkQ141gKAASqIASqwAQG4AQM~CBwQBhgBILkMKLkMMJENOFhoxgxwkA14rAKwAQG4AQM~CB4QChgBILoMKLoMMIANOEZoxwxw_gx4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBILoMKLoMMPAMODdoxwxw6wx4iUWAAd1CiAHwoQGwAQG4AQM~CBsQBhgBILoMKLoMMPcMODw~CBEQChgBILoMKLoMMP4MOERoxwxw-wx4rjSAAYIyiAGLvQGwAQG4AQM~CCoQChgBILoMKLoMMLYOOPsBaMcMcIsOeNr-A4ABrvwDiAHd0AywAQG4AQM~CBsQBiC7DDhR~CBsQDSC_GDj0Ag~CBsQDSDUGDibBQ~CBsQDSDnGDiIBQ~CBsQDSDoGDhR~CBwQARgBIIwbKIwbMOMbOFdojhtw4Rt4rAKwAQG4AQM~CBwQARgBIJQbKJQbMOQbOFBolRtw4ht4rAKwAQG4AQM~CCgQChgBILIbKLIbMLAcOH5ovhtwqBx40rkCgAGmtwKIAYPoBbABAbgBAw~CBsQDSCzHjjqAg~CCkQChgBIKwhKKwhMIYlONoDaIgkcIIleKq5AoAB_rYCiAGx9QawAQG4AQM~CBwQChgBIKwhKKwhMNEhOCZorSFw0CF4miOAAe4giAGAWLABAbgBAw~CAkQChgBILEhKLEhMOIhODFosSFw4SF4jl-AAeJciAH2-AGwAQG4AQM~CCcQChgBILIhKLIhMNshOClosiFw1iF4nW-AAfFsiAHpyQKwAQG4AQM~CBwQBRgBILMmKLMmMPImOD9owyZw8SZ4lgeAAeoEiAGWCbABAbgBAw~CCIQBBgBIKstKKstMIIvONcBaKQucP8ueKwCsAEBuAED~CCkQBhgBIKwtKKwtMMozOJ8GaPsycMMzeLppgAGOZ4gBjmewAQG4AQM~CCcQBRgBIL8wKL8wMO0xOK8BaMIwcOYxeKFogAH1ZYgB_rACsAEBuAED~CBsQDSCQNziJAw~CCoQChgBIJk3KJk3MNo4OMIBaJk3cKU4eNr-A4ABrvwDiAHd0AywAQG4AQM~CCIQBBgBIJo3KJo3MI04OHNomjdwhzh4rAKwAQG4AQM~CB8QBRgBIJo3KJo3MOY3OExonDdw5Td4tg2AAYoLiAHgHbABAbgBAw~CCEQBhgBIJs3KJs3MIw4OHI~CCgQChgBIKQ4KKQ4MOo4OEVoqThw6Dh40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6391 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6858108197445&version=m202309260101&ct=76&x=67&cor=5306489620349902000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C9B3 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lp3uh9ml&chm=1&c=4076639824696142&ctx=2&qqid=CMmS4sedzYIDFZQUVQgdBcUICQ&met.4=fb.1j1~lb.3zt~cmrload.4nl~ol.5f4~idt.ck~dt.-i6&met.3=492.1j2~374.4tk~440.5et~440.5f0~443.5f0~438.5f0~441.5f3~438.5f3~439.5f3~438.5f3~113.6c2_6~112.6c1_7&met.1=1.lp3uh3aj~6.9~7.9~8.9~9.9~10.9~12.c~13.1c~14.1d~15.mc~16.4io~17.4io~18.4ip~19.5eh~20.5ej~21.5f4&met.7=CBsQCBgBKAkwMTjwNmgMcDB4iReAAd0UiAGSMLABAbgBAw~CBsQCiC_DziBAg~CCgQBRgBIMEPKMEPMPIROLECaMQPcPEReJ4EgAHyAYgBrAWwAQG4AQM~CBwQChgBIMEPKMEPMIoSOMkCaMIPcIgSeKn4AYAB_fUBiAGFxwWwAQG4AQM~CBsQBiDJDziaAg~CBsQBiDJDziGAg~CBwQBhgBIMoPKMoPMOsROKICaNUPcOcReNYCgAEqiAEqsAEBuAED~CBwQBhgBIMoPKMoPMOwROKMCaNUPcOYReKwCsAEBuAED~CB4QChgBIMoPKMoPMLsROPEBaNUPcLkReIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIMoPKMoPMLQROOoBaNUPcLMReIlFgAHdQogB8KEBsAEBuAED~CBsQBhgBIMoPKMoPMMUROPoB~CBEQChgBIMsPKMsPMLYROOsBaNUPcLQReK40gAGCMogBi70BsAEBuAED~CCoQChgBIMsPKMsPMJsSONACaNUPcPgReNr-A4ABrvwDiAHd0AywAQG4AQM~CBsQBiDLDzilAg~CBwQARgBIMkbKMkbMJkcOFBoyhtwmBx4rAKwAQG4AQM~CBwQARgBIMobKMobMKQcOFpoyxtwoxx4rAKwAQG4AQM~CCgQChgBINQbKNQbMMkcOHVo1RtwxBx44LgCgAG0tgKIAY_nBbABAbgBAw~CBsQDSDcGzgx~CBsQDSDpGziJBA~CBsQDSD3Gzj8Aw~CBsQDSD4Gzhc~CCkQChgBIL0hKL0hML8kOIIDaMIjcLYkeKq5AoAB_rYCiAGx9QawAQG4AQM~CBwQChgBIL0hKL0hMIYiOEhoviFwgSJ4miOAAe4giAGAWLABAbgBAw~CAkQChgBIMMhKMMhMJ0iOFtowyFwnCJ4jl-AAeJciAH2-AGwAQG4AQM~CCcQChgBIMQhKMQhMJoiOFZoxCFwmCJ4nW-AAfFsiAHpyQKwAQG4AQM~CBsQDSDyITilAg~CBwQBRgBIIQmKIQmMLsmODdoiyZwtiZ4lgeAAeoEiAGWCbABAbgBAw~CCIQBBgBIOosKOosMLIuOMkBUPMsWN0tYPgsaN4tcLIueKwCsAEBuAED~CCkQBhgBIOosKOosMI8zOKYGaLUycIUzeNZ0gAGqcogBqnKwAQG4AQM~CCcQBRgBIIcwKIcwMNExOMoBaJEwcLwxeKFogAH1ZYgB_rACsAEBuAED~CBsQDSDvNjjSAg~CCoQChgBIPY2KPY2MNs4OOUBaPc2cLI4eNr-A4ABrvwDiAHd0AywAQG4AQM~CCIQBBgBIPc2KPc2MMc3OFBo9zZwxzd4rAKwAQG4AQM~CB8QBRgBIPc2KPc2MLM3ODto-TZwsjd4tg2AAYoLiAHgHbABAbgBAw~CCEQBhgBIPg2KPg2MNQ3OFw~CCgQChgBIKQ4KKQ4MOI4OD5opThw3Th40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6480988eb614435d92f82804
c.bannerflow.net/a/ Frame F44B 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/6480988eb614435d92f82804?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2ffbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com%2f
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b14e67d6abdf2b3978726bbced8dc6504afff35bc37a9c1f4663e717097403

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 09:26:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827f2c437c7d24c4-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
csi
csi.gstatic.com/ Frame DEB4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lp3uh9ra&chm=1&c=4076639824696142&ctx=2&qqid=CJKJ4sedzYIDFQEr4AodgtIFsQ&met.4=fb.xf~lb.3yp~cmrload.4ti~ol.5kk~idt.g5~dt.-el&met.3=492.xg_2~374.521~440.5k9~440.5kh~443.5ki~438.5ki~441.5kk~438.5kk~439.5kk~438.5kk~113.6km_2~112.6km_3&met.1=1.lp3uh36p~6.b~7.b~8.b~9.b~10.b~12.f~13.1h~14.1i~15.oa~16.4sj~17.4sk~18.4sk~19.5k0~20.5k2~21.5kk&met.7=CBsQCBgBKAwwNzi0OGgPcDZ4iReAAd0UiAGSMLABAbgBAw~CBsQCiC3CTirAQ~CCgQBRgBILwJKLwJMLANOPUDQMEJSMEJUMEJWNYMYPMLaNYMcK4NeJQDgAFoiAGZArABAbgBAw~CBwQChgBILwJKLwJMNkKOJ0BaL0JcM0KeMGCAoABlYACiAHB3wWwAQG4AQM~CBsQBiDMCTh9~CBsQBiDMCTh7~CBwQBhgBIMwJKMwJMNEKOIUBaOwJcNAKeNYCgAEqiAEqsAEBuAED~CBwQBhgBIMwJKMwJMM4KOIIBaOwJcM0KeKwCsAEBuAED~CB4QChgBIMwJKMwJMLwKOHBo7AlwuQp4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBINIJKNIJMLYKOGRo7Alwsgp4iUWAAd1CiAHwoQGwAQG4AQM~CBsQBhgBINIJKNIJMMYKOHQ~CBEQChgBINIJKNIJMLkKOGdo7Qlwtwp4rjSAAYIyiAGLvQGwAQG4AQM~CCoQChgBINIJKNIJMOsKOJkBaO0JcNQKeNr-A4ABrvwDiAHd0AywAQG4AQM~CBsQBiDTCTh-~CBsQDSClGDjWAw~CBsQDSDLGDj_BQ~CBsQDSD5GDjaBA~CBsQDSD5GDhl~CBwQARgBIJYaKJYaMIgbOHJolxpwhxt4rAKwAQG4AQM~CBwQARgBILMaKLMaMIkbOFZouRpwiBt4rAKwAQG4AQM~CCgQChgBIJ0bKJ0bMIscOG5onhtwgRx4pbkCgAH5tgKIAbLoBbABAbgBAw~CBsQDSDmHTidAw~CCkQChgBIIYmKIYmMMkmOENohyZwxiZ4qrkCgAH-tgKIAbH1BrABAbgBAw~CBwQChgBIIYmKIYmMNQmOE5ohyZw0yZ4miOAAe4giAGAWLABAbgBAw~CAkQChgBIJAmKJAmMNYmOEZokCZw1SZ4jl-AAeJciAH2-AGwAQG4AQM~CCcQChgBIJImKJImMNsmOElokyZw1yZ4nW-AAfFsiAHpyQKwAQG4AQM~CBwQBRgBIIwoKIwoMM4oOENojihwzih4lgeAAeoEiAGWCbABAbgBAw~CCkQBhgBILouKLouMJA0ONYFaMAzcI80eIVYgAHZVYgB2VWwAQG4AQM~CCIQBBgBILsuKLsuMMcvOIwBaOkucMMveKwCsAEBuAED~CCcQBRgBIOYxKOYxMOQyOH5o6zFw5DJ4oWiAAfVliAH-sAKwAQG4AQM~CBsQDSCzODi5Ag~CCoQChgBIL04KL04MOY5OKkBaMA4cL45eNr-A4ABrvwDiAHd0AywAQG4AQM~CCIQBBgBIL44KL44MOo5OKwBaMA4cOc5eKwCsAEBuAED~CB8QBRgBIL84KL84MOo4OCtowzhw6Th4tg2AAYoLiAHgHbABAbgBAw~CCEQBhgBIL84KL84MKw5OG0~CCgQChgBII87KI87MMA7ODFokDtwvDt40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A740 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6769459255102&version=m202309260101&ct=76&x=8&cor=11716939986703930000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AFD5 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCUPMj_aOXi2KL7hqWdcSQdQlbumthtcW3hhU94R5XLc_uUa02eCM6h8CGozZ0N1FeXFcb1pRYguGa7XkCcO4tHRacy4QtCK57yyZykXM4_vUCORvF8A&sig=Cg0ArKJSzAOWHdI76stNEAE&id=lidar2&mcvt=1095&p=159,1140,759,1440&mtos=1095,1095,1095,1095,1095&tos=1095,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=663577002&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700299592567&rpt=3720&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6480988eb614435d92f82804
c.bannerflow.net/a/ Frame 408C 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/6480988eb614435d92f82804?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2ffbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com%2f
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f704d05dfe66a5578584fa0e057739e66bd0a9ad820f2efa7ccded63d459518

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 18 Nov 2023 09:26:37 GMT
server
cloudflare
age
0
cf-polished
origSize=74482
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827f2c43dd7324c4-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
csi
csi.gstatic.com/ Frame 6391 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lp3uh9u4&chm=1&c=4076639824696142&ctx=2&qqid=CJjt4sedzYIDFZuL3godRhMAGQ&met.4=fb.1lm~lb.47p~cmrload.4t0~ol.5hn~idt.c1~dt.-ip&met.3=492.1ln~374.514~440.5hc~440.5hj~443.5hk~438.5hk~441.5hm~438.5hm~439.5hm~438.5hm~113.6ih_2~112.6ih_2&met.1=1.lp3uh3bn~6.d~7.d~8.d~9.d~10.d~12.l~13.1j~14.1k~15.lo~16.4q2~17.4q2~18.4q2~19.5h4~20.5h5~21.5hn&met.7=CBsQCBgBKA0wODjLN2gUcDd4iReAAd0UiAGSMLABAbgBAw~CBsQCiCcEDiIAQ~CCgQBRgBIJ0QKJ0QMKAXOIMHaKAWcJ8XeNsDgAGvAYgB_wOwAQG4AQM~CBwQChgBIJ4QKJ4QMJMSOPUBaJ4QcIcSeKn4AYAB_fUBiAGFxwWwAQG4AQM~CBsQBiCmEDiYAQ~CBsQBiCnEDiCAQ~CBwQBhgBIKgQKKgQMMYROJ8BaKgQcMUReNYCgAEqiAEqsAEBuAED~CBwQBhgBIKkQKKkQMMUROJwBaKoQcL8ReKwCsAEBuAED~CB4QChgBIKkQKKkQMJQROGtorBBwkxF4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIKkQKKkQMI8ROGZorBBwjhF4iUWAAd1CiAHwoQGwAQG4AQM~CBsQBhgBIKkQKKkQMJ4ROHU~CBEQChgBIKkQKKkQMJEROGhorRBwjxF4rjSAAYIyiAGLvQGwAQG4AQM~CCoQChgBIKkQKKkQMLcSOI4CaK0QcJgSeNr-A4ABrvwDiAHd0AywAQG4AQM~CBsQBiCqEDieAQ~CBwQARgBIMkgKMkgMKMhOFpozSBwoiF4rAKwAQG4AQM~CBwQARgBIMogKMogMKQhOFpozSBwpCF4rAKwAQG4AQM~CCgQChgBINMgKNMgMOAhOI0BaNQgcLoheMK5AoABlrcCiAGm6AWwAQG4AQM~CBsQDSCnIThR~CBsQDSCxITilAg~CBsQDSDBITipAg~CBsQDSDCIThm~CBsQDSDjJjiWAg~CCkQChgBIPsoKPsoMKUpOCpo_Chwoyl4qrkCgAH-tgKIAbH1BrABAbgBAw~CBwQChgBIPsoKPsoMKQpOClo_Chwoyl4miOAAe4giAGAWLABAbgBAw~CAkQChgBIIEpKIEpMLUpODRogSlwtCl4jl-AAeJciAH2-AGwAQG4AQM~CCcQChgBIIEpKIEpMLQpODJogilwsyl4nW-AAfFsiAHpyQKwAQG4AQM~CBwQBRgBINEqKNEqMIUrODRo2CpwhSt4lgeAAeoEiAGWCbABAbgBAw~CCcQBRgBIO0xKO0xMKkyODxo8DFwpjJ4oWiAAfVliAH-sAKwAQG4AQM~CCkQBhgBIPcxKPcxMMs0ONQCaKQ0cMo0eNZ0gAGqcogBqnKwAQG4AQM~CCIQBBgBIPgxKPgxMPMyOHto-TFw8jJ4rAKwAQG4AQM~CBsQDSDKNziyAg~CCoQChgBINE3KNE3MPs4OKoBaNI3cMo4eNr-A4ABrvwDiAHd0AywAQG4AQM~CCIQBBgBINI3KNI3MM04OHxo0zdwzTh4rAKwAQG4AQM~CB8QBRgBINI3KNI3MLQ4OGJo1jdwtDh4tg2AAYoLiAHgHbABAbgBAw~CCEQBhgBINM3KNM3MMg4OHY~CCgQChgBIKY6KKY6MOs6OEVopjpw6jp40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A740 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lp3uh9vd&chm=1&c=4076639824696142&ctx=2&qqid=CJv_4cedzYIDFUa4ewodX44Gxw&met.4=fb.1fy~lb.3sk~cmrload.4b1~ol.568~idt.-7u~dt.-12k&met.3=492.1fz_1~374.4m8~440.55t~440.562~443.562~438.563~441.567~438.567~439.567~438.567~113.618_3~112.617_4&met.1=1.lp3uh3u6~6.k~7.k~8.k~9.k~10.k~12.18~13.35~14.36~15.13o~16.48r~17.48r~18.48s~19.55i~20.55k~21.568&met.7=CBsQCBgBKBQwcjiwNGgscHJ4iReAAd0UiAGSMLABAbgBAw~CBsQCiDRDjg3~CCgQBRgBINMOKNMOMIcSOLQDaIcRcIYSeLIEgAGGAogBxQSwAQG4AQM~CBwQChgBINMOKNMOMLYPOGNo1A5woQ94qfgBgAH99QGIAYXHBbABAbgBAw~CBsQBiDbDjg8~CBsQBiDcDjhc~CBwQBhgBIN0OKN0OMLYPOFlo3g5wtQ941gKAASqIASqwAQG4AQM~CBwQBhgBIN4OKN4OMLUPOFdo3g5wtA94rAKwAQG4AQM~CBsQBiDfDjiMBQ~CBsQBiDfDjg0~CB4QChgBIOAOKOAOMJMPODNo4Q5wkg94gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIOEOKOEOMJIPODFo4Q5wkQ94iUWAAd1CiAHwoQGwAQG4AQM~CBsQBhgBIOEOKOEOMJYPODQ~CBEQChgBIOIOKOIOMJcPODVo4g5wlg94rjSAAYIyiAGLvQGwAQG4AQM~CCoQChgBIOMOKOMOMOwPOIkBaOMOcMgPeNr-A4ABrvwDiAHd0AywAQG4AQM~CBsQBiDjDjhU~CBwQARgBILIcKLIcMIodOFlotRxwiR14rAKwAQG4AQM~CBwQARgBILMcKLMcMIkdOFZotRxwiR14rAKwAQG4AQM~CCgQChgBILwcKLwcMKgdOGxoxBxwpR147bkCgAHBtwKIAf_nBbABAbgBAw~CBsQDSCBHjhR~CBsQDSDSHji-Ag~CBsQDSDnHjjvAg~CBsQDSDoHjhf~CCkQChgBIKkkKKkkMOckOD1orSRw0yR4qrkCgAH-tgKIAbH1BrABAbgBAw~CBwQChgBIKokKKokMNQkOCtorSRw1CR4miOAAe4giAGAWLABAbgBAw~CAkQChgBILAkKLAkMO8kOD9osiRw7SR4jl-AAeJciAH2-AGwAQG4AQM~CCcQChgBILEkKLEkMOokODlosyRw3iR4nW-AAfFsiAHpyQKwAQG4AQM~CBsQDSCFJTiRAg~CBsQBSCuJjiKCg~CBwQBRgBILEmKLEmMOcmODZotSZw5iZ4lgeAAeoEiAGWCbABAbgBAw~CCIQBBgBIJUrKJUrMIQsOG9olitw-it4rAKwAQG4AQM~CCkQBhgBIJUrKJUrMPYtOOECaMQtcPYteOt3gAG_dYgBv3WwAQG4AQM~CCcQBRgBIPUsKPUsML0tOEho-SxwvC14oWiAAfVliAH-sAKwAQG4AQM~CBsQDSCuNDioAg~CCoQChgBILY0KLY0MM41OJgBaLc0cK41eNr-A4ABrvwDiAHd0AywAQG4AQM~CCIQBBgBILc0KLc0MMY1OJABaLc0cMU1eKwCsAEBuAED~CB8QBRgBILc0KLc0MOM0OCxoujRw4jR4tg2AAYoLiAHgHbABAbgBAw~CCEQBhgBILc0KLc0MJc1OGA~CCgQChgBIO81KO81MKQ2ODVo8DVwoTZ40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
document.00000052D75D9F.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4848256/6329866/ Frame FB58 		38 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4848256/6329866/document.00000052D75D9F.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d25f2843eb9eeda767251?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu0SfDSRm9QKTl3QIJtXssZusSkWj6_H7O6sSlQWQV8Vb5sJzGthOimRkEyuooQf3oRdBZnuZBXldTvMR5jK59oCeam5wwJEaFmHbx5JCpMohvWlomzBfQa5t7fE3FOU-kZuk7qfT1NNQTGnNYSHcZgqbnqPJ5RZZx5AZus8M-HPKGTTfFA3Y47D019zps9sR8gOjTijTE0WWwJXHXd12K3FfXEzmSUwVc6e9Y1jUdPh_l5TzBoND2E5hnbkFpMJnCBMvcX6S5WJYPBF58oxlcb_V2DaEdRqmBD1AioF2lr25xBgedPEqYu7Cw1_iKV9wHiwSn9wo5XxlkHYy5Fa0Fjg6tuKtGJxC7MwGLfdF6mwohnpEs5LoscoZ4J36P4pW6IfSZ3BoOhBPFe9_bf3oOZVh8bYDBpD2YCC0KrsKoj5g20YAeEzvoNNEEm8NEXReuVIOAWJCbuZJjfRBTSgPQiG8FPRQK3mZQzdmnVrwKobYFdLkIYe7IjJfxzMoNGhGR2eDx9N7q5mZegsbm8-4kkyU7xLFVGst_Y_Wj2pH3lsuiNWPVzWfmzI2NED-1KZ-P_XoWID1xK1w7V-_6PHeLGAQgV544Gpe5RF045hH45Nmz1n_G0OCvR42aiXCpkp0viMIIUPSax7zSHPFvEZTAe1WH_VP0iIoWZHejNRiqHL4QNz4NNEvDDFRDmAMdCxTKBr6OxKEtWDgNHQnk7mrYuxFDc43G9CJBvFYhFc90CFlsq_C3iXChNg4gAQa_acohKq-M1ljGqvljoDoDGAsa-uSzukDxqeFIDKvHm02NwvnvCh1oGqPA4q-0EL_fGK2O4et-agbtA3l5aKqNuXKlfHuGi7CsPou4mS362wVDZGQp5Ac7vcrghhXUoq2ytkn0P79F0IqSQsI5qKKMAbk02I4Ru1MOkNuTbAOSgd9LHC6erWKvOJJ1pAxwFLKYLkKB8sfjz4QZjRd4piL9B0adloYNCz2anKIkUuMjqxC7u6VZ3_r542fcPY15iCesCXdQbRXkg4tFHicyRLASLrLsL17IByz_BabhAwNESXKv94IxUpMtiRt1fZrY1L1fi2sOs32Fr2iJoOmY3T7wZ5XsGznzqbru9dF-yuyZCj6ntIYICc9GUMhqawO1iFSYgyU_s6pu6w27HkZsQlD6orHD1gpMLQlIt6eWeTsmhYGMPtAwSiJUOhZdnWnY1NbCCGkR19tgPpyvp_dw6dwAgeFt1pAumW8bF7Nti2LI2Y811SGWa4w_SaPq71idOJF5km6E87FZvCYtXhg6px_KVVnS39CGN4azxYQFQkSsb45gM4JSf0VZ0_PaHdyLkgJ4Wvd2fiNHlGrQ0d4UaFEU133svSBTLmnA-gTHw9j-A5DJVCSZn66ED-LNgzcyZN6EWUVQTkpvocRRnOoSYF2v6FnB6CxPnVLDTMlq8XH3boFjsJDX4gAloKODxoXsg9gRuql0k-qQqjaoyp5U%26sai%3DAMfl-YS3SXYB1GeofkiCIGQZK0RL9XB4KirW_zCpFP8m4e-0QmgjDxJKq1f5SbBMgx_bkK6FAflBDRXoE9l-Q9g1CKDCukZh-W7tDeSPOHv_V9RP8RCs5Hvv-wxOPkh-VqTqn3dwKzS2HyXx9v9jsMfQ8YoFjTxQVehg-TMhAUlXfKHU5WQ7w5T2JwqHQ-vHTIarmBgyZEyEWbfRzVX_F2S1sx8Ac36Cn7ptLkKKtrOl-zBOaAnlTwnhOLykcuMLYVkNSfhaOfRjwrlNmzUnlkaIXytw1F-WeplF%26sig%3DCg0ArKJSzI5O3KpS2tm6EAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fcampaigns%252Ftrading-gold%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6487030482a22af463d7ead397df639e9a4adee52a8671a6b2ca9416398875a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
BYfiGdZsX8pxWNXOL3FhNA==
age
883490
cf-polished
origSize=44318
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 09:34:28 GMT
server
cloudflare
etag
W/"0x8DBAF85A1DC8CFA"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d7e3e608-f01e-0014-12f8-119dbc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c448f0324c4-ZRH
animated-creative.b105a4e6577fb08357fd.js
c.bannerflow.net/scripts/ Frame FB58 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d25f2843eb9eeda767251?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu0SfDSRm9QKTl3QIJtXssZusSkWj6_H7O6sSlQWQV8Vb5sJzGthOimRkEyuooQf3oRdBZnuZBXldTvMR5jK59oCeam5wwJEaFmHbx5JCpMohvWlomzBfQa5t7fE3FOU-kZuk7qfT1NNQTGnNYSHcZgqbnqPJ5RZZx5AZus8M-HPKGTTfFA3Y47D019zps9sR8gOjTijTE0WWwJXHXd12K3FfXEzmSUwVc6e9Y1jUdPh_l5TzBoND2E5hnbkFpMJnCBMvcX6S5WJYPBF58oxlcb_V2DaEdRqmBD1AioF2lr25xBgedPEqYu7Cw1_iKV9wHiwSn9wo5XxlkHYy5Fa0Fjg6tuKtGJxC7MwGLfdF6mwohnpEs5LoscoZ4J36P4pW6IfSZ3BoOhBPFe9_bf3oOZVh8bYDBpD2YCC0KrsKoj5g20YAeEzvoNNEEm8NEXReuVIOAWJCbuZJjfRBTSgPQiG8FPRQK3mZQzdmnVrwKobYFdLkIYe7IjJfxzMoNGhGR2eDx9N7q5mZegsbm8-4kkyU7xLFVGst_Y_Wj2pH3lsuiNWPVzWfmzI2NED-1KZ-P_XoWID1xK1w7V-_6PHeLGAQgV544Gpe5RF045hH45Nmz1n_G0OCvR42aiXCpkp0viMIIUPSax7zSHPFvEZTAe1WH_VP0iIoWZHejNRiqHL4QNz4NNEvDDFRDmAMdCxTKBr6OxKEtWDgNHQnk7mrYuxFDc43G9CJBvFYhFc90CFlsq_C3iXChNg4gAQa_acohKq-M1ljGqvljoDoDGAsa-uSzukDxqeFIDKvHm02NwvnvCh1oGqPA4q-0EL_fGK2O4et-agbtA3l5aKqNuXKlfHuGi7CsPou4mS362wVDZGQp5Ac7vcrghhXUoq2ytkn0P79F0IqSQsI5qKKMAbk02I4Ru1MOkNuTbAOSgd9LHC6erWKvOJJ1pAxwFLKYLkKB8sfjz4QZjRd4piL9B0adloYNCz2anKIkUuMjqxC7u6VZ3_r542fcPY15iCesCXdQbRXkg4tFHicyRLASLrLsL17IByz_BabhAwNESXKv94IxUpMtiRt1fZrY1L1fi2sOs32Fr2iJoOmY3T7wZ5XsGznzqbru9dF-yuyZCj6ntIYICc9GUMhqawO1iFSYgyU_s6pu6w27HkZsQlD6orHD1gpMLQlIt6eWeTsmhYGMPtAwSiJUOhZdnWnY1NbCCGkR19tgPpyvp_dw6dwAgeFt1pAumW8bF7Nti2LI2Y811SGWa4w_SaPq71idOJF5km6E87FZvCYtXhg6px_KVVnS39CGN4azxYQFQkSsb45gM4JSf0VZ0_PaHdyLkgJ4Wvd2fiNHlGrQ0d4UaFEU133svSBTLmnA-gTHw9j-A5DJVCSZn66ED-LNgzcyZN6EWUVQTkpvocRRnOoSYF2v6FnB6CxPnVLDTMlq8XH3boFjsJDX4gAloKODxoXsg9gRuql0k-qQqjaoyp5U%26sai%3DAMfl-YS3SXYB1GeofkiCIGQZK0RL9XB4KirW_zCpFP8m4e-0QmgjDxJKq1f5SbBMgx_bkK6FAflBDRXoE9l-Q9g1CKDCukZh-W7tDeSPOHv_V9RP8RCs5Hvv-wxOPkh-VqTqn3dwKzS2HyXx9v9jsMfQ8YoFjTxQVehg-TMhAUlXfKHU5WQ7w5T2JwqHQ-vHTIarmBgyZEyEWbfRzVX_F2S1sx8Ac36Cn7ptLkKKtrOl-zBOaAnlTwnhOLykcuMLYVkNSfhaOfRjwrlNmzUnlkaIXytw1F-WeplF%26sig%3DCg0ArKJSzI5O3KpS2tm6EAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fcampaigns%252Ftrading-gold%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lEV9j3pUvMgu01szZkbLog==
age
1486175
cf-polished
origSize=159577
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 09:36:51 GMT
server
cloudflare
etag
W/"0x8DBAA05CE239A64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6b739737-d01e-0013-167d-0cc92a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c448f0c24c4-ZRH
widget.e41a0c4132970d505cc8.js
c.bannerflow.net/scripts/ Frame F0B8 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d26b6843eb9eeda76728d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssZ-UFH0pfFNAsY-ikl_lPYXIVNJ5iNo_hIkmS0m3Uc_7axWjw-RCv3WHVlq-i3P_gNDwFXWbpVtWf8rudvWSOBViCJeM48teykOwy-3XtI7PvBBZ5IMTgmOwSSZeKVqcReDW-a2mv5I3wuVf_pyRgXaYEkEH6ZR_2NwTicakh5lLz_o0HX98bzxJTWQI7H1GwfcXZjskG1teoExmySMWkY6jnbRowGQZPqrI8CbtF8RT0YItDtEkp989gbZYkHhFLzuuD7_OfQUEDJRIHmsSVmUBDwRr-K1pq-umLRWjg0TaMMtrID98UkxfoVjfYUNLJysgpkPbtsGckHsJaZsew4YrawbwLavZfQmKRhgifKBy4rFVNQFNY0s8hq9BhiiPR2HEDs2rJSvSAYtbjYU8WuDLKSDi6K_uhMCTW9EX2e4M5shG129ZJ-ljAL8d0Rp1kuwNr0mkt7JCo8SD44ZfeFZNm-BawJ6wRYpyOk0yPqxccWTX9pMK60fuCGAhl_ZWo4fY6miyLeQh4B6uxaTd_bR0ytLysCih6rupjr3sHAHIR6FdWAxXO8W6QrABdNE10LvgNybYH3okct7idVwNwK64LvSLfaFw55xEMhNzjqEjgGA61tvLdfQ-33to9ua4knN1U2w-sck_wrVdUiRDb4AoSO40hQqxn6Pv4htwDdVylPpVapUin6PZLAhRQW1mIgm3fC0_D0SVLcs6XBt3ZuCQ7PkqRymeT8go6kNlCWW7EhHAffIYKirpAzriNo77YGxqyjBXNWGlP9SdJsW9QqtTnkzxhzmAw3-Bl2hwexYoZaMK3UQ4EP0dJckzTyfBsQvOR5kZiOYSDu-Dwj54ovETLFAoKCfcWEtaikyNX0zR21E_toBe8UI3ptLM2aF3wiRSwb4ukfzgV_Z7BUrtxU2XbCJvKbIXFijxcKRmkwWYgwHYi6Fq4BEWlZzkwAR55btkyHb78NmM-idgVs2Yv53n0a7Uj_fTkysPsjrVcyv1SN5U2vQ8UeEsO0elqABuio57r8hdfS5DibLgA-PnqAVDgeibzHk6K06uCGzC2vEQ0_8_veg2ljkVw1pOLgvziKgfamTJsKgnKFH-Rl0JtLyDYbtKN0bihVr4Uavp0E-h8LhKQyqtJvZfdMQIiWgR160oEZ-7TA0NNhxBwq0dxk0iCLNWdFZjoKrMdKHSLnCg3guUR8gYR_osd7q2GifK1e3V-yMNAE55NLcsSnyhUxQx-y7BCh61qNwwyq6VeYDjd4ntFanZRzDFeOX_XdqrHE5yy9BMuJIHtKScm031zUzvbi_drx_YxRKkTn9r4UNhNP581aS8AeYJHJ8ypA4a_GlzWkEjzBra0L5NylCVJCswLSTKae0cCO43gqwGC6oFKJv_Msv9Q42ssPuDbRqeNu89aW6pZT4bAjxzvyGj-kYR-XPZDrJZz8gPtWM2eMBsZBkMYtQI7CtCWAX03NB5HUWdCQnp2WP9Ud6t5YKQzjqm9A%26sai%3DAMfl-YTu_t8jc2IDS7vxwEo_DSWKfAW_SInzO6mxxwp8U0aa0BPyLJQk4DqsQL2W9Q8tZalsHswBMphdL3fHiMcFbG9AnvUIvophjtPViWGUEg3g9FWgZnt12Z8KgVjZGZ-ayiRhMUzase-sBFmxa1BZ08DeUAYLiUplNbwVbpmV75FHCPpmkg4YB4AWxF_KVBhFpjMbPS4VAUepyPDgcx90quAfMxxqYeHXVM0Bg5VUS_Zes7fcyqwWjm82_Acg2buYblA_G4N0fBzrPJ1q3G4OuaOINAk-n049%26sig%3DCg0ArKJSzJUTEQDyRaaeEAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
nZPaCeepSHMZbbh+xShfnA==
age
884188
cf-polished
origSize=20123
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 07 Mar 2023 10:29:01 GMT
server
cloudflare
etag
W/"0x8DB1EF6C4FEC22F"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0e7989b5-101e-006e-29f6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c448f1024c4-ZRH
document.0000001D561DE5.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4059460/4979562/ Frame F0B8 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4059460/4979562/document.0000001D561DE5.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d26b6843eb9eeda76728d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssZ-UFH0pfFNAsY-ikl_lPYXIVNJ5iNo_hIkmS0m3Uc_7axWjw-RCv3WHVlq-i3P_gNDwFXWbpVtWf8rudvWSOBViCJeM48teykOwy-3XtI7PvBBZ5IMTgmOwSSZeKVqcReDW-a2mv5I3wuVf_pyRgXaYEkEH6ZR_2NwTicakh5lLz_o0HX98bzxJTWQI7H1GwfcXZjskG1teoExmySMWkY6jnbRowGQZPqrI8CbtF8RT0YItDtEkp989gbZYkHhFLzuuD7_OfQUEDJRIHmsSVmUBDwRr-K1pq-umLRWjg0TaMMtrID98UkxfoVjfYUNLJysgpkPbtsGckHsJaZsew4YrawbwLavZfQmKRhgifKBy4rFVNQFNY0s8hq9BhiiPR2HEDs2rJSvSAYtbjYU8WuDLKSDi6K_uhMCTW9EX2e4M5shG129ZJ-ljAL8d0Rp1kuwNr0mkt7JCo8SD44ZfeFZNm-BawJ6wRYpyOk0yPqxccWTX9pMK60fuCGAhl_ZWo4fY6miyLeQh4B6uxaTd_bR0ytLysCih6rupjr3sHAHIR6FdWAxXO8W6QrABdNE10LvgNybYH3okct7idVwNwK64LvSLfaFw55xEMhNzjqEjgGA61tvLdfQ-33to9ua4knN1U2w-sck_wrVdUiRDb4AoSO40hQqxn6Pv4htwDdVylPpVapUin6PZLAhRQW1mIgm3fC0_D0SVLcs6XBt3ZuCQ7PkqRymeT8go6kNlCWW7EhHAffIYKirpAzriNo77YGxqyjBXNWGlP9SdJsW9QqtTnkzxhzmAw3-Bl2hwexYoZaMK3UQ4EP0dJckzTyfBsQvOR5kZiOYSDu-Dwj54ovETLFAoKCfcWEtaikyNX0zR21E_toBe8UI3ptLM2aF3wiRSwb4ukfzgV_Z7BUrtxU2XbCJvKbIXFijxcKRmkwWYgwHYi6Fq4BEWlZzkwAR55btkyHb78NmM-idgVs2Yv53n0a7Uj_fTkysPsjrVcyv1SN5U2vQ8UeEsO0elqABuio57r8hdfS5DibLgA-PnqAVDgeibzHk6K06uCGzC2vEQ0_8_veg2ljkVw1pOLgvziKgfamTJsKgnKFH-Rl0JtLyDYbtKN0bihVr4Uavp0E-h8LhKQyqtJvZfdMQIiWgR160oEZ-7TA0NNhxBwq0dxk0iCLNWdFZjoKrMdKHSLnCg3guUR8gYR_osd7q2GifK1e3V-yMNAE55NLcsSnyhUxQx-y7BCh61qNwwyq6VeYDjd4ntFanZRzDFeOX_XdqrHE5yy9BMuJIHtKScm031zUzvbi_drx_YxRKkTn9r4UNhNP581aS8AeYJHJ8ypA4a_GlzWkEjzBra0L5NylCVJCswLSTKae0cCO43gqwGC6oFKJv_Msv9Q42ssPuDbRqeNu89aW6pZT4bAjxzvyGj-kYR-XPZDrJZz8gPtWM2eMBsZBkMYtQI7CtCWAX03NB5HUWdCQnp2WP9Ud6t5YKQzjqm9A%26sai%3DAMfl-YTu_t8jc2IDS7vxwEo_DSWKfAW_SInzO6mxxwp8U0aa0BPyLJQk4DqsQL2W9Q8tZalsHswBMphdL3fHiMcFbG9AnvUIvophjtPViWGUEg3g9FWgZnt12Z8KgVjZGZ-ayiRhMUzase-sBFmxa1BZ08DeUAYLiUplNbwVbpmV75FHCPpmkg4YB4AWxF_KVBhFpjMbPS4VAUepyPDgcx90quAfMxxqYeHXVM0Bg5VUS_Zes7fcyqwWjm82_Acg2buYblA_G4N0fBzrPJ1q3G4OuaOINAk-n049%26sig%3DCg0ArKJSzJUTEQDyRaaeEAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12214c7152fa53989558a11655c0baa1d8e9661a7212f496cd69d634cc99384

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
WUuXTgZXirgVCy7OOCHFvw==
age
1480472
cf-polished
origSize=71564
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Sat, 11 Mar 2023 14:01:04 GMT
server
cloudflare
etag
W/"0x8DB22390DC65822"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8c3927a3-e01e-0018-788a-0c3241000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c448f1624c4-ZRH
animated-creative.0d17da23618f24b974cb.js
c.bannerflow.net/scripts/ Frame F0B8 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d26b6843eb9eeda76728d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssZ-UFH0pfFNAsY-ikl_lPYXIVNJ5iNo_hIkmS0m3Uc_7axWjw-RCv3WHVlq-i3P_gNDwFXWbpVtWf8rudvWSOBViCJeM48teykOwy-3XtI7PvBBZ5IMTgmOwSSZeKVqcReDW-a2mv5I3wuVf_pyRgXaYEkEH6ZR_2NwTicakh5lLz_o0HX98bzxJTWQI7H1GwfcXZjskG1teoExmySMWkY6jnbRowGQZPqrI8CbtF8RT0YItDtEkp989gbZYkHhFLzuuD7_OfQUEDJRIHmsSVmUBDwRr-K1pq-umLRWjg0TaMMtrID98UkxfoVjfYUNLJysgpkPbtsGckHsJaZsew4YrawbwLavZfQmKRhgifKBy4rFVNQFNY0s8hq9BhiiPR2HEDs2rJSvSAYtbjYU8WuDLKSDi6K_uhMCTW9EX2e4M5shG129ZJ-ljAL8d0Rp1kuwNr0mkt7JCo8SD44ZfeFZNm-BawJ6wRYpyOk0yPqxccWTX9pMK60fuCGAhl_ZWo4fY6miyLeQh4B6uxaTd_bR0ytLysCih6rupjr3sHAHIR6FdWAxXO8W6QrABdNE10LvgNybYH3okct7idVwNwK64LvSLfaFw55xEMhNzjqEjgGA61tvLdfQ-33to9ua4knN1U2w-sck_wrVdUiRDb4AoSO40hQqxn6Pv4htwDdVylPpVapUin6PZLAhRQW1mIgm3fC0_D0SVLcs6XBt3ZuCQ7PkqRymeT8go6kNlCWW7EhHAffIYKirpAzriNo77YGxqyjBXNWGlP9SdJsW9QqtTnkzxhzmAw3-Bl2hwexYoZaMK3UQ4EP0dJckzTyfBsQvOR5kZiOYSDu-Dwj54ovETLFAoKCfcWEtaikyNX0zR21E_toBe8UI3ptLM2aF3wiRSwb4ukfzgV_Z7BUrtxU2XbCJvKbIXFijxcKRmkwWYgwHYi6Fq4BEWlZzkwAR55btkyHb78NmM-idgVs2Yv53n0a7Uj_fTkysPsjrVcyv1SN5U2vQ8UeEsO0elqABuio57r8hdfS5DibLgA-PnqAVDgeibzHk6K06uCGzC2vEQ0_8_veg2ljkVw1pOLgvziKgfamTJsKgnKFH-Rl0JtLyDYbtKN0bihVr4Uavp0E-h8LhKQyqtJvZfdMQIiWgR160oEZ-7TA0NNhxBwq0dxk0iCLNWdFZjoKrMdKHSLnCg3guUR8gYR_osd7q2GifK1e3V-yMNAE55NLcsSnyhUxQx-y7BCh61qNwwyq6VeYDjd4ntFanZRzDFeOX_XdqrHE5yy9BMuJIHtKScm031zUzvbi_drx_YxRKkTn9r4UNhNP581aS8AeYJHJ8ypA4a_GlzWkEjzBra0L5NylCVJCswLSTKae0cCO43gqwGC6oFKJv_Msv9Q42ssPuDbRqeNu89aW6pZT4bAjxzvyGj-kYR-XPZDrJZz8gPtWM2eMBsZBkMYtQI7CtCWAX03NB5HUWdCQnp2WP9Ud6t5YKQzjqm9A%26sai%3DAMfl-YTu_t8jc2IDS7vxwEo_DSWKfAW_SInzO6mxxwp8U0aa0BPyLJQk4DqsQL2W9Q8tZalsHswBMphdL3fHiMcFbG9AnvUIvophjtPViWGUEg3g9FWgZnt12Z8KgVjZGZ-ayiRhMUzase-sBFmxa1BZ08DeUAYLiUplNbwVbpmV75FHCPpmkg4YB4AWxF_KVBhFpjMbPS4VAUepyPDgcx90quAfMxxqYeHXVM0Bg5VUS_Zes7fcyqwWjm82_Acg2buYblA_G4N0fBzrPJ1q3G4OuaOINAk-n049%26sig%3DCg0ArKJSzJUTEQDyRaaeEAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6cef3eb76ec26c8bb8cb59e1ccf16d2facd9a1c387978948ce98664d2ca71f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Gq90Z8yQaZwoZjD0SNt4Ow==
age
1394753
cf-polished
origSize=159436
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 07 Mar 2023 10:29:01 GMT
server
cloudflare
etag
W/"0x8DB1EF6C4EBD802"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c17bac01-b01e-0015-3351-0dfa95000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c448f1b24c4-ZRH
widget.633504d8fe9ff0ef3d39.js
c.bannerflow.net/scripts/ Frame 017E 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.633504d8fe9ff0ef3d39.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d261c843eb9eeda767266?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssRxeFXxDyo3De2Pi3Vhm1Qr_UJfAiP7GKTCZB05kzdu20TXw4_maYS_a3u1hP3sibf-KCRMbnYmqK_HJ-mnUNV32v-dC8Yqwp1aSDG_p9ts6YwyImM3ArtWjcUP6agpBZrk8Q1g6Hgdt9wrVMog7PgNzBtglZb89sWxH1gZEUWXor_ADJziDm81pV59fzmbSp6PknHnWLtlOZsl6ykPxpdsF2bA5s1E6dlxzYBmzaLMF9L9cKge6FYgqT-6LDvpRtolmp4Cg0iuc7pePo5i-wj4zVfVCHPfJ9M95F8pr3rRMJc8bs6Hlb5JJtJrS8E2OPfzI77rklk1I52Xqt9DX1kl-tEDhOEjSN1unjP-FN7o6nw3gzmlqWSAlksMijJyRhau7FC59lAkY9UxBqXxHs9J2iiQfNe0YHxqjeC4enQMTa6XjMI_-CTI4EWg8z3CgttBd5dan7_k0JHKXXTOi30YuLdfGKcJ0gysyGkBc-G7VANGpeFuv0Ci5F9_DDlggQUVokz9ae-Q1jh-RHPJV7i-8NWRzEJNC9N5_bJQgxK0Z7jhZcGIIL0jEeMNp9Thz085Y8VeC_WtcjN849RH8emqViz5IrpV_AOEXSX6qMDW9DQCA3pYMnFmAP_W_xKqcozVErAknX3Nfe_2ktkmubvlVrkSOCM7uUX1nuOBTRFUheym_4IELoHSmH6CzmvlwcBU6EpQC1LB61igG0TaQzzJ2r1WKEj6idEZn5oEdBvlrWvAX-JW9UdqRifH2jx-3941WwVjiNLHvEC13zISyebbSO1Bf18FdiRBS-vzvomP2V98aDu4WzwSAWSP_fSjNPoyTm0hkPvGWH5Cq2Oq1cN7dfOSHzIOKXptNALyVvuSA0fiXdi0-ZRAA7CaOj_3JJyOv4tUPhHtLNPNKvnLD6TbjDrrWxRFryQRDxacDvfxssq_tYl25NBkpykU4HivIEBLhTZYIJSmKeZ98NipnSHYsMqcXeuFuGTrjwQcRBQuksZjHnHGroZRheTpMeyIMLqDzu26InhPw_Xhpz-AbONFhmRGxmdW04cNKG8db50Lb19DyOWm1wMj5BJ4AkX7A1YNBH5C3IBltuUceWffKiFadj2yMIC7Tykv8dFoF2TSGaOJd6X24bIya4ynv_djADoqIN2zU2ML5K0mrsadcjoh8iVO5kwKf76PLGRzkgFKik4hhE9AG6XvzovQhII4DkRnMPdb1g8vMv3s4oLsIBJHisNI72WVDR7syQ8n3eKXHHLUQIXHotYvMgPLvfmIcr5_0Bt23Hlg4g2k2iRAj5XBwHABNEVRXqlEVpR8YO7N9ul9-MGbuF3nEtjPKI6KcEI1QbBSbZnx97NOy-Nmn7zU-NBiMlQD2zqBAgXigfpzClUprr6CfOUbhtJCI1JVLN6KidrSS4XgfgT5-CjL9tZzeHO6Njk63MtxtCPISxMIHmHVa2rgp4KNj0G__uuLokDEgXJ1Z50RcFNdsV2iNGTzmO6%26sai%3DAMfl-YQaMX6XqXq8u_L9uNOvhNT4JyOl7SDxiVlHckkl5rFBaUntrYBV8x_UA81y_9815_6lK67U-lv8jHv2eSmsxjNkWQ73dppv5EHtwYFlJOVY09WWx6icNNFp9HYmLI7KjYDlublOkqX0LPbIGZKCQnAw9ygzSpxm0tPrcv3kKCPelmY5YiFCZa_q23tBJoMApi1_5kkx6esI33_k63s_-VdlptM3-NtyBBGHC6Hf1DxC8uy5Vjpe2FMCB9ioaZGCUBA1-5nXB5L-atPoLcGtoWOr_LO9Ov48%26sig%3DCg0ArKJSzDG4mMaS8ptpEAE%26pr%3D67%3A0.136704%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Fforex%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
eqdFTzIyNO+fdXWHJc3VrQ==
age
899463
cf-polished
origSize=20123
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 02 May 2023 11:16:08 GMT
server
cloudflare
etag
W/"0x8DB4AFEA0DEE8AB"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1672d5b0-101e-0033-13d3-118a78000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c44af4124c4-ZRH
document.0000001EBBF3FE.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4385992/5718813/ Frame 017E 		114 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4385992/5718813/document.0000001EBBF3FE.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d261c843eb9eeda767266?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssRxeFXxDyo3De2Pi3Vhm1Qr_UJfAiP7GKTCZB05kzdu20TXw4_maYS_a3u1hP3sibf-KCRMbnYmqK_HJ-mnUNV32v-dC8Yqwp1aSDG_p9ts6YwyImM3ArtWjcUP6agpBZrk8Q1g6Hgdt9wrVMog7PgNzBtglZb89sWxH1gZEUWXor_ADJziDm81pV59fzmbSp6PknHnWLtlOZsl6ykPxpdsF2bA5s1E6dlxzYBmzaLMF9L9cKge6FYgqT-6LDvpRtolmp4Cg0iuc7pePo5i-wj4zVfVCHPfJ9M95F8pr3rRMJc8bs6Hlb5JJtJrS8E2OPfzI77rklk1I52Xqt9DX1kl-tEDhOEjSN1unjP-FN7o6nw3gzmlqWSAlksMijJyRhau7FC59lAkY9UxBqXxHs9J2iiQfNe0YHxqjeC4enQMTa6XjMI_-CTI4EWg8z3CgttBd5dan7_k0JHKXXTOi30YuLdfGKcJ0gysyGkBc-G7VANGpeFuv0Ci5F9_DDlggQUVokz9ae-Q1jh-RHPJV7i-8NWRzEJNC9N5_bJQgxK0Z7jhZcGIIL0jEeMNp9Thz085Y8VeC_WtcjN849RH8emqViz5IrpV_AOEXSX6qMDW9DQCA3pYMnFmAP_W_xKqcozVErAknX3Nfe_2ktkmubvlVrkSOCM7uUX1nuOBTRFUheym_4IELoHSmH6CzmvlwcBU6EpQC1LB61igG0TaQzzJ2r1WKEj6idEZn5oEdBvlrWvAX-JW9UdqRifH2jx-3941WwVjiNLHvEC13zISyebbSO1Bf18FdiRBS-vzvomP2V98aDu4WzwSAWSP_fSjNPoyTm0hkPvGWH5Cq2Oq1cN7dfOSHzIOKXptNALyVvuSA0fiXdi0-ZRAA7CaOj_3JJyOv4tUPhHtLNPNKvnLD6TbjDrrWxRFryQRDxacDvfxssq_tYl25NBkpykU4HivIEBLhTZYIJSmKeZ98NipnSHYsMqcXeuFuGTrjwQcRBQuksZjHnHGroZRheTpMeyIMLqDzu26InhPw_Xhpz-AbONFhmRGxmdW04cNKG8db50Lb19DyOWm1wMj5BJ4AkX7A1YNBH5C3IBltuUceWffKiFadj2yMIC7Tykv8dFoF2TSGaOJd6X24bIya4ynv_djADoqIN2zU2ML5K0mrsadcjoh8iVO5kwKf76PLGRzkgFKik4hhE9AG6XvzovQhII4DkRnMPdb1g8vMv3s4oLsIBJHisNI72WVDR7syQ8n3eKXHHLUQIXHotYvMgPLvfmIcr5_0Bt23Hlg4g2k2iRAj5XBwHABNEVRXqlEVpR8YO7N9ul9-MGbuF3nEtjPKI6KcEI1QbBSbZnx97NOy-Nmn7zU-NBiMlQD2zqBAgXigfpzClUprr6CfOUbhtJCI1JVLN6KidrSS4XgfgT5-CjL9tZzeHO6Njk63MtxtCPISxMIHmHVa2rgp4KNj0G__uuLokDEgXJ1Z50RcFNdsV2iNGTzmO6%26sai%3DAMfl-YQaMX6XqXq8u_L9uNOvhNT4JyOl7SDxiVlHckkl5rFBaUntrYBV8x_UA81y_9815_6lK67U-lv8jHv2eSmsxjNkWQ73dppv5EHtwYFlJOVY09WWx6icNNFp9HYmLI7KjYDlublOkqX0LPbIGZKCQnAw9ygzSpxm0tPrcv3kKCPelmY5YiFCZa_q23tBJoMApi1_5kkx6esI33_k63s_-VdlptM3-NtyBBGHC6Hf1DxC8uy5Vjpe2FMCB9ioaZGCUBA1-5nXB5L-atPoLcGtoWOr_LO9Ov48%26sig%3DCg0ArKJSzDG4mMaS8ptpEAE%26pr%3D67%3A0.136704%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Fforex%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
520d2e0c92f833cee907083d9adf998a97b6af5df0ee65b3ef4680896a3118d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
/XXxeHEo0zbkFe2VumPiYg==
age
881261
cf-polished
origSize=120953
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 03 May 2023 15:42:10 GMT
server
cloudflare
etag
W/"0x8DB4BECF591DD12"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e3211dd8-301e-0069-21fd-11ec9f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c44af4a24c4-ZRH
animated-creative.3ffa494819a31ca28da5.js
c.bannerflow.net/scripts/ Frame 017E 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d261c843eb9eeda767266?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssRxeFXxDyo3De2Pi3Vhm1Qr_UJfAiP7GKTCZB05kzdu20TXw4_maYS_a3u1hP3sibf-KCRMbnYmqK_HJ-mnUNV32v-dC8Yqwp1aSDG_p9ts6YwyImM3ArtWjcUP6agpBZrk8Q1g6Hgdt9wrVMog7PgNzBtglZb89sWxH1gZEUWXor_ADJziDm81pV59fzmbSp6PknHnWLtlOZsl6ykPxpdsF2bA5s1E6dlxzYBmzaLMF9L9cKge6FYgqT-6LDvpRtolmp4Cg0iuc7pePo5i-wj4zVfVCHPfJ9M95F8pr3rRMJc8bs6Hlb5JJtJrS8E2OPfzI77rklk1I52Xqt9DX1kl-tEDhOEjSN1unjP-FN7o6nw3gzmlqWSAlksMijJyRhau7FC59lAkY9UxBqXxHs9J2iiQfNe0YHxqjeC4enQMTa6XjMI_-CTI4EWg8z3CgttBd5dan7_k0JHKXXTOi30YuLdfGKcJ0gysyGkBc-G7VANGpeFuv0Ci5F9_DDlggQUVokz9ae-Q1jh-RHPJV7i-8NWRzEJNC9N5_bJQgxK0Z7jhZcGIIL0jEeMNp9Thz085Y8VeC_WtcjN849RH8emqViz5IrpV_AOEXSX6qMDW9DQCA3pYMnFmAP_W_xKqcozVErAknX3Nfe_2ktkmubvlVrkSOCM7uUX1nuOBTRFUheym_4IELoHSmH6CzmvlwcBU6EpQC1LB61igG0TaQzzJ2r1WKEj6idEZn5oEdBvlrWvAX-JW9UdqRifH2jx-3941WwVjiNLHvEC13zISyebbSO1Bf18FdiRBS-vzvomP2V98aDu4WzwSAWSP_fSjNPoyTm0hkPvGWH5Cq2Oq1cN7dfOSHzIOKXptNALyVvuSA0fiXdi0-ZRAA7CaOj_3JJyOv4tUPhHtLNPNKvnLD6TbjDrrWxRFryQRDxacDvfxssq_tYl25NBkpykU4HivIEBLhTZYIJSmKeZ98NipnSHYsMqcXeuFuGTrjwQcRBQuksZjHnHGroZRheTpMeyIMLqDzu26InhPw_Xhpz-AbONFhmRGxmdW04cNKG8db50Lb19DyOWm1wMj5BJ4AkX7A1YNBH5C3IBltuUceWffKiFadj2yMIC7Tykv8dFoF2TSGaOJd6X24bIya4ynv_djADoqIN2zU2ML5K0mrsadcjoh8iVO5kwKf76PLGRzkgFKik4hhE9AG6XvzovQhII4DkRnMPdb1g8vMv3s4oLsIBJHisNI72WVDR7syQ8n3eKXHHLUQIXHotYvMgPLvfmIcr5_0Bt23Hlg4g2k2iRAj5XBwHABNEVRXqlEVpR8YO7N9ul9-MGbuF3nEtjPKI6KcEI1QbBSbZnx97NOy-Nmn7zU-NBiMlQD2zqBAgXigfpzClUprr6CfOUbhtJCI1JVLN6KidrSS4XgfgT5-CjL9tZzeHO6Njk63MtxtCPISxMIHmHVa2rgp4KNj0G__uuLokDEgXJ1Z50RcFNdsV2iNGTzmO6%26sai%3DAMfl-YQaMX6XqXq8u_L9uNOvhNT4JyOl7SDxiVlHckkl5rFBaUntrYBV8x_UA81y_9815_6lK67U-lv8jHv2eSmsxjNkWQ73dppv5EHtwYFlJOVY09WWx6icNNFp9HYmLI7KjYDlublOkqX0LPbIGZKCQnAw9ygzSpxm0tPrcv3kKCPelmY5YiFCZa_q23tBJoMApi1_5kkx6esI33_k63s_-VdlptM3-NtyBBGHC6Hf1DxC8uy5Vjpe2FMCB9ioaZGCUBA1-5nXB5L-atPoLcGtoWOr_LO9Ov48%26sig%3DCg0ArKJSzDG4mMaS8ptpEAE%26pr%3D67%3A0.136704%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Fforex%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87fd954d30a35512f1f8a39e7dd1217259283769d03253d48205017cf9322102

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
0ruIYiQNk0ocoFT2HqlV+Q==
age
1488154
cf-polished
origSize=159230
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 02 May 2023 11:16:08 GMT
server
cloudflare
etag
W/"0x8DB4AFEA0BF0757"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
02d84ab9-d01e-005e-0778-0c06c6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c44af4c24c4-ZRH
widget.633504d8fe9ff0ef3d39.js
c.bannerflow.net/scripts/ Frame 5DA7 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.633504d8fe9ff0ef3d39.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d261c843eb9eeda767266?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvsAZbv5UQ7YhbVeQdUUm2-2fc1FlSCeyw2rMsLF8aSj8h6ncA-zrll9f4DNN1DGziLuihtcs9E4WAKEhc3xvkrrhe3wJUtTMkCfHA9j5hU_UKBJRGHfI9hM6YX-XFbmyX_Ft2TqUrE-pQp27WaKVO3A-FZS-fLk951manRYxSIxyZUvb-ctpJXbae-nXqWo5r2fSybXcaPMzOI3_HrnrtoD68Z0ejnCAttSQeMod6Sz0Cm48hfUJeM4fa4aTwk_bFqop4T3PfFi-XNxMThWLiesq3vNXDvh2DNlp55_EE6hkdTHasOG7HC02iyNq8W19glbgBnNKYPEmgfWo7t796VdN31oSSCGw7L1altBP9zjWOzLNNqvZ-CQOnhuIxvQbmWUv5wRmbxh0naPmBWcB1u94XB9EaoYFbaAIputPPJ52RIHIDXoZz8u43ftq-rMChiZFBlOeVkccGAy0gQ4xHWNh_b_dgLGu3b0jdMhJi9A1tb46cziT7Hy_b5rXgLZvKOp7HdqJho8P3wHx2bP0VQ55lEkfmyA5Qo8Uy5g5eUoxdaemkvmsvZlzySVMtCUmm7PEtVzTBiUwOC_5Q3tJFw8OsAXqs_kkKCmPoIKg6QcG_T6qLMCtv7V2fxieBZUM00IwOUhXtn_H6Xhc_uy0yWGAyA4vxLqhUvTQgny6OnKjswfVxvED9HVnaBOztztqk0LwhFZi7hO_OjUonY4sDkDlBj45Um839CyFXTx06vF9owgJ4OPsEL3YdHAydalHBU5mDeDRvhVaLwY7FMJmhkLVGuRYaGr0YjelH5rmFiAby_ATVnMaIfeywcN6XBDfeaU8GOusBBQUJgguuzMyYG8dNxjfk1aXTx_viOJLN1kLZ_2urd1TvMQ9qRROdn8aujrhNLUXgIF9wqPggZRAWmxVCPKU2O3dIRZez5QW6yfVv3kCS0FS_SHdf-DvIxzcgFk72J6XLhF8TaaECyDMzTtj_hX3myEmPrqO4uyio6pDq65wfORHc3qcct0c1oOR66LcLC14qRdIiXYwLDfI0mnDhTm9Fub8_b4drbY8LxIeZikjhr_6tjw80i9IaI6bLLw0VkHj87QRPIHOt89dF7wmbS-G5wuKqeJC8ilCI5Rf__rG5MIOl8y7kcw7QaWiFX60yrDOJi9C9HCdSMFaHkssMcgA51qayzqB0ZxOeSXKk8KYAnKxMoM5TxM3cd2ighNnpldr4DOw4O8WDepOzOCP_mqV72s1r6eUCM4G8OZV_L7S-GfAp8AIdkcu8MlFmtaRRVZ1ScI82BKwAFYo7F4lwlLLxpLbt2mK-xV35cbsHKtoTWQKjweFfdWF85lfABz6nlLHl5GcRKR3Dw7x0jfwE6K2Hjohk-Eio3msn5Jv8kcTIt4ClGafwV3oJeFKSc1lh6_8M6i_RiuH1hhED5SCVU-Ell8q4gSg0-OtW5EXCuo0sTAuc20ZNECxGbmSkHsgSpu7QVUEFsBOaAmzptM0eWpg%26sai%3DAMfl-YRbhFBE322qcLLjTxF1KtyTySLA4Wl_sVAZ-30bCuo9Fk1LuBPaCPaHNvoglavRBb6TCuLGz9mHTrHohlTpNgX6DWuUGj1gKK9rbvc_Dot2tZB2miUFUDEWOY_wrcxZ6Qny0wr-AHwnhUWutiWE2qb2ngr4Mc1uYSGVVLAQKG7QLg0dtqrCmtXlH3bWgW5Y6bN8ntUpjzh2k-vfnFiZ7hcb-1qij-FYSg7IH-SVhNNV54HAOFtpY-_i88by1D-g357Y6tyoC7V3f-oPGC03NTapah-UBXVq%26sig%3DCg0ArKJSzGQY69rlVFb1EAE%26pr%3D67%3A0.136704%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Fforex%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
eqdFTzIyNO+fdXWHJc3VrQ==
age
899463
cf-polished
origSize=20123
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 02 May 2023 11:16:08 GMT
server
cloudflare
etag
W/"0x8DB4AFEA0DEE8AB"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1672d5b0-101e-0033-13d3-118a78000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c44af4f24c4-ZRH
document.0000001EBBF3FE.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4385992/5718813/ Frame 5DA7 		114 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4385992/5718813/document.0000001EBBF3FE.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d261c843eb9eeda767266?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvsAZbv5UQ7YhbVeQdUUm2-2fc1FlSCeyw2rMsLF8aSj8h6ncA-zrll9f4DNN1DGziLuihtcs9E4WAKEhc3xvkrrhe3wJUtTMkCfHA9j5hU_UKBJRGHfI9hM6YX-XFbmyX_Ft2TqUrE-pQp27WaKVO3A-FZS-fLk951manRYxSIxyZUvb-ctpJXbae-nXqWo5r2fSybXcaPMzOI3_HrnrtoD68Z0ejnCAttSQeMod6Sz0Cm48hfUJeM4fa4aTwk_bFqop4T3PfFi-XNxMThWLiesq3vNXDvh2DNlp55_EE6hkdTHasOG7HC02iyNq8W19glbgBnNKYPEmgfWo7t796VdN31oSSCGw7L1altBP9zjWOzLNNqvZ-CQOnhuIxvQbmWUv5wRmbxh0naPmBWcB1u94XB9EaoYFbaAIputPPJ52RIHIDXoZz8u43ftq-rMChiZFBlOeVkccGAy0gQ4xHWNh_b_dgLGu3b0jdMhJi9A1tb46cziT7Hy_b5rXgLZvKOp7HdqJho8P3wHx2bP0VQ55lEkfmyA5Qo8Uy5g5eUoxdaemkvmsvZlzySVMtCUmm7PEtVzTBiUwOC_5Q3tJFw8OsAXqs_kkKCmPoIKg6QcG_T6qLMCtv7V2fxieBZUM00IwOUhXtn_H6Xhc_uy0yWGAyA4vxLqhUvTQgny6OnKjswfVxvED9HVnaBOztztqk0LwhFZi7hO_OjUonY4sDkDlBj45Um839CyFXTx06vF9owgJ4OPsEL3YdHAydalHBU5mDeDRvhVaLwY7FMJmhkLVGuRYaGr0YjelH5rmFiAby_ATVnMaIfeywcN6XBDfeaU8GOusBBQUJgguuzMyYG8dNxjfk1aXTx_viOJLN1kLZ_2urd1TvMQ9qRROdn8aujrhNLUXgIF9wqPggZRAWmxVCPKU2O3dIRZez5QW6yfVv3kCS0FS_SHdf-DvIxzcgFk72J6XLhF8TaaECyDMzTtj_hX3myEmPrqO4uyio6pDq65wfORHc3qcct0c1oOR66LcLC14qRdIiXYwLDfI0mnDhTm9Fub8_b4drbY8LxIeZikjhr_6tjw80i9IaI6bLLw0VkHj87QRPIHOt89dF7wmbS-G5wuKqeJC8ilCI5Rf__rG5MIOl8y7kcw7QaWiFX60yrDOJi9C9HCdSMFaHkssMcgA51qayzqB0ZxOeSXKk8KYAnKxMoM5TxM3cd2ighNnpldr4DOw4O8WDepOzOCP_mqV72s1r6eUCM4G8OZV_L7S-GfAp8AIdkcu8MlFmtaRRVZ1ScI82BKwAFYo7F4lwlLLxpLbt2mK-xV35cbsHKtoTWQKjweFfdWF85lfABz6nlLHl5GcRKR3Dw7x0jfwE6K2Hjohk-Eio3msn5Jv8kcTIt4ClGafwV3oJeFKSc1lh6_8M6i_RiuH1hhED5SCVU-Ell8q4gSg0-OtW5EXCuo0sTAuc20ZNECxGbmSkHsgSpu7QVUEFsBOaAmzptM0eWpg%26sai%3DAMfl-YRbhFBE322qcLLjTxF1KtyTySLA4Wl_sVAZ-30bCuo9Fk1LuBPaCPaHNvoglavRBb6TCuLGz9mHTrHohlTpNgX6DWuUGj1gKK9rbvc_Dot2tZB2miUFUDEWOY_wrcxZ6Qny0wr-AHwnhUWutiWE2qb2ngr4Mc1uYSGVVLAQKG7QLg0dtqrCmtXlH3bWgW5Y6bN8ntUpjzh2k-vfnFiZ7hcb-1qij-FYSg7IH-SVhNNV54HAOFtpY-_i88by1D-g357Y6tyoC7V3f-oPGC03NTapah-UBXVq%26sig%3DCg0ArKJSzGQY69rlVFb1EAE%26pr%3D67%3A0.136704%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Fforex%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
520d2e0c92f833cee907083d9adf998a97b6af5df0ee65b3ef4680896a3118d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
/XXxeHEo0zbkFe2VumPiYg==
age
881261
cf-polished
origSize=120953
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 03 May 2023 15:42:10 GMT
server
cloudflare
etag
W/"0x8DB4BECF591DD12"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e3211dd8-301e-0069-21fd-11ec9f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c44af5224c4-ZRH
animated-creative.3ffa494819a31ca28da5.js
c.bannerflow.net/scripts/ Frame 5DA7 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d261c843eb9eeda767266?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvsAZbv5UQ7YhbVeQdUUm2-2fc1FlSCeyw2rMsLF8aSj8h6ncA-zrll9f4DNN1DGziLuihtcs9E4WAKEhc3xvkrrhe3wJUtTMkCfHA9j5hU_UKBJRGHfI9hM6YX-XFbmyX_Ft2TqUrE-pQp27WaKVO3A-FZS-fLk951manRYxSIxyZUvb-ctpJXbae-nXqWo5r2fSybXcaPMzOI3_HrnrtoD68Z0ejnCAttSQeMod6Sz0Cm48hfUJeM4fa4aTwk_bFqop4T3PfFi-XNxMThWLiesq3vNXDvh2DNlp55_EE6hkdTHasOG7HC02iyNq8W19glbgBnNKYPEmgfWo7t796VdN31oSSCGw7L1altBP9zjWOzLNNqvZ-CQOnhuIxvQbmWUv5wRmbxh0naPmBWcB1u94XB9EaoYFbaAIputPPJ52RIHIDXoZz8u43ftq-rMChiZFBlOeVkccGAy0gQ4xHWNh_b_dgLGu3b0jdMhJi9A1tb46cziT7Hy_b5rXgLZvKOp7HdqJho8P3wHx2bP0VQ55lEkfmyA5Qo8Uy5g5eUoxdaemkvmsvZlzySVMtCUmm7PEtVzTBiUwOC_5Q3tJFw8OsAXqs_kkKCmPoIKg6QcG_T6qLMCtv7V2fxieBZUM00IwOUhXtn_H6Xhc_uy0yWGAyA4vxLqhUvTQgny6OnKjswfVxvED9HVnaBOztztqk0LwhFZi7hO_OjUonY4sDkDlBj45Um839CyFXTx06vF9owgJ4OPsEL3YdHAydalHBU5mDeDRvhVaLwY7FMJmhkLVGuRYaGr0YjelH5rmFiAby_ATVnMaIfeywcN6XBDfeaU8GOusBBQUJgguuzMyYG8dNxjfk1aXTx_viOJLN1kLZ_2urd1TvMQ9qRROdn8aujrhNLUXgIF9wqPggZRAWmxVCPKU2O3dIRZez5QW6yfVv3kCS0FS_SHdf-DvIxzcgFk72J6XLhF8TaaECyDMzTtj_hX3myEmPrqO4uyio6pDq65wfORHc3qcct0c1oOR66LcLC14qRdIiXYwLDfI0mnDhTm9Fub8_b4drbY8LxIeZikjhr_6tjw80i9IaI6bLLw0VkHj87QRPIHOt89dF7wmbS-G5wuKqeJC8ilCI5Rf__rG5MIOl8y7kcw7QaWiFX60yrDOJi9C9HCdSMFaHkssMcgA51qayzqB0ZxOeSXKk8KYAnKxMoM5TxM3cd2ighNnpldr4DOw4O8WDepOzOCP_mqV72s1r6eUCM4G8OZV_L7S-GfAp8AIdkcu8MlFmtaRRVZ1ScI82BKwAFYo7F4lwlLLxpLbt2mK-xV35cbsHKtoTWQKjweFfdWF85lfABz6nlLHl5GcRKR3Dw7x0jfwE6K2Hjohk-Eio3msn5Jv8kcTIt4ClGafwV3oJeFKSc1lh6_8M6i_RiuH1hhED5SCVU-Ell8q4gSg0-OtW5EXCuo0sTAuc20ZNECxGbmSkHsgSpu7QVUEFsBOaAmzptM0eWpg%26sai%3DAMfl-YRbhFBE322qcLLjTxF1KtyTySLA4Wl_sVAZ-30bCuo9Fk1LuBPaCPaHNvoglavRBb6TCuLGz9mHTrHohlTpNgX6DWuUGj1gKK9rbvc_Dot2tZB2miUFUDEWOY_wrcxZ6Qny0wr-AHwnhUWutiWE2qb2ngr4Mc1uYSGVVLAQKG7QLg0dtqrCmtXlH3bWgW5Y6bN8ntUpjzh2k-vfnFiZ7hcb-1qij-FYSg7IH-SVhNNV54HAOFtpY-_i88by1D-g357Y6tyoC7V3f-oPGC03NTapah-UBXVq%26sig%3DCg0ArKJSzGQY69rlVFb1EAE%26pr%3D67%3A0.136704%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Fforex%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87fd954d30a35512f1f8a39e7dd1217259283769d03253d48205017cf9322102

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
0ruIYiQNk0ocoFT2HqlV+Q==
age
1488154
cf-polished
origSize=159230
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 02 May 2023 11:16:08 GMT
server
cloudflare
etag
W/"0x8DB4AFEA0BF0757"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
02d84ab9-d01e-005e-0778-0c06c6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c44af5624c4-ZRH
widget.e41a0c4132970d505cc8.js
c.bannerflow.net/scripts/ Frame 20F0 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d26b6843eb9eeda76728d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuPfAsaWFTKZqJYAQYNqd8Du6f8XchFRyoyIeSPD5DqN4F3tfRQQeqQ0_HwDYWkzRWmvVLt4s-JX28UW1RQBKddJ0nZAd6xL2fZQkZv36BSZa7kiv1eU2Y1lCW5KJ3yy-DTQQ2u8gt6YuzG9sTOHbnwh3Mtus2-NrW3CsGxFCB2-ScO7B0_eeuVQvBWp6gDQ9JDv_6wRV0dM0J2wsRCrpBPjXGSw26PzpMD2CD9_SATRaLcez-9r2V4j910LCH6dKAGVyKwa6XCsrDp0Wdgmc6T9UITd4ofD8JyKMAg79epBhfP67DoirFa1xzalR6fKCHuHt7Tgs_k3H6NZqD2bRlSPqSTXAtNCnReCBSkNHGtiSoIBW5IoR8hmXuJ7Z6J41sDU_xiU475VfmOpqZWVGMkMieYMjYcAdj1aviU7p3F-aMJADNw9yzGnwDFgyzcCzRHDIENe2lqJylRfAzcyCf-f3Tb5Z2dZLVeh0eiwUl3oxmKLVRi_5vW1fr7YowVztcq5j-G0SWBc-LAny3Xsp_mMoaMEhJ6P66uHCtmklKsbv-bsirZ8WVysiPBFPYUf023ZYgWhxi6V0FHzinp7C-c9i2pR6AU5jw8xYyA9GdkBLdsg0Acq8WPbpAt7akVNi1sTtjlGbwrV5ejCWPtIdqgUutr-GJrfISU8_DVnZBYjVWtWOfqMHX3sd8N5kEref0ASzEBeDCvurX-rsrVMn6xdLBwkRmTazIsBkZMkTVLAhds275WiA9vTTlLS3_rDYjZX7ePh8wIoVqWckHevXLy5clBg_adl-8Iy5xqIKWRJHxTaOCbM56WjpKUG16h9DIiELmtCAvpwgkkOUW4CpJ7d2jWgZ1oC7R7-NJ104hIO1MmXV-uWuIOqS5Y1uyUduADDBLKKcrc6V2UzI5JPec33ib6nhpldqglwY5PI2jgfjLMZfzUrQj1E9pCcBohL09yTk8mDdYxdxdsNJfSDAGViqPGGO_YlWPOFgcGsZNalqyxl1uqeRDkRCcD8tskLdWYlf9iOMzdZ_An0DXhM6X1LuLBWsZGcpJrmcRfD7SdSUclZcHpv7doBkx4ziuZ1NgUlreaQPe-WnYi2QYKkSlWVfBald4xtN1ZIGPFNSc4Z6R1yJT1VBAJkV20b8meAjL3ciL2cqrNwXgNh8ry3Okr-4rvRcK_lFUGYHzqwvA6DuAfqA2qDe8VLnMwbNtzSxw_K88wx71FyDZkwbszo69xUwnCP6g1YcnFU-wOAEbec-AEa6mXzSlnhyr65sTh6xRGTDK1BpocLLif2CSlY4VOlO-qyrGGnjrxoQdgancBxB14Az8biMRifAviq79IrEUigrCbff8EPUXYRUjuWO3q67v1ktAuKkp717yNMUEtRrusX9wMcCs-OdRlM25EHQcLp23h_fETGE7jsNy8b0DZj33DVVKzTOr7DcDxbiSH78ZUodr_QA81w81Qao9Cu1pnnxcFGbDwrV1quWVGyWXQmVz7Qw%26sai%3DAMfl-YS0HQC0tIMZB6Z-xdS2_YWdFcpdKfSRM7BBEc_yooU6B81rxHJanlRmlnBHm7VPvwbmohzceerVVMQTc1Uyw2YE1q_Fw90FagDg5oFsBHKt-VJeHFn-v7g15aiaWVFcgLDpARNFOqkgLX0n1JbsDseR9MoHAXt7xUrPQqhOfzzgXx1auky4F7MYincEOm3iUjpzD76_Vi3HPZ9weVqyXeTyWfTnDcAUPfBCBFJDmyaZkhzOjL_1GgeZENTbrsk9t5Pv2p5429Hiux4bKl61fzPuQ9WkBQz1%26sig%3DCg0ArKJSzF4xJJ5wL9QWEAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
nZPaCeepSHMZbbh+xShfnA==
age
884188
cf-polished
origSize=20123
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 07 Mar 2023 10:29:01 GMT
server
cloudflare
etag
W/"0x8DB1EF6C4FEC22F"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0e7989b5-101e-006e-29f6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c44bf6324c4-ZRH
document.0000001D561DE5.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4059460/4979562/ Frame 20F0 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/4059460/4979562/document.0000001D561DE5.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d26b6843eb9eeda76728d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuPfAsaWFTKZqJYAQYNqd8Du6f8XchFRyoyIeSPD5DqN4F3tfRQQeqQ0_HwDYWkzRWmvVLt4s-JX28UW1RQBKddJ0nZAd6xL2fZQkZv36BSZa7kiv1eU2Y1lCW5KJ3yy-DTQQ2u8gt6YuzG9sTOHbnwh3Mtus2-NrW3CsGxFCB2-ScO7B0_eeuVQvBWp6gDQ9JDv_6wRV0dM0J2wsRCrpBPjXGSw26PzpMD2CD9_SATRaLcez-9r2V4j910LCH6dKAGVyKwa6XCsrDp0Wdgmc6T9UITd4ofD8JyKMAg79epBhfP67DoirFa1xzalR6fKCHuHt7Tgs_k3H6NZqD2bRlSPqSTXAtNCnReCBSkNHGtiSoIBW5IoR8hmXuJ7Z6J41sDU_xiU475VfmOpqZWVGMkMieYMjYcAdj1aviU7p3F-aMJADNw9yzGnwDFgyzcCzRHDIENe2lqJylRfAzcyCf-f3Tb5Z2dZLVeh0eiwUl3oxmKLVRi_5vW1fr7YowVztcq5j-G0SWBc-LAny3Xsp_mMoaMEhJ6P66uHCtmklKsbv-bsirZ8WVysiPBFPYUf023ZYgWhxi6V0FHzinp7C-c9i2pR6AU5jw8xYyA9GdkBLdsg0Acq8WPbpAt7akVNi1sTtjlGbwrV5ejCWPtIdqgUutr-GJrfISU8_DVnZBYjVWtWOfqMHX3sd8N5kEref0ASzEBeDCvurX-rsrVMn6xdLBwkRmTazIsBkZMkTVLAhds275WiA9vTTlLS3_rDYjZX7ePh8wIoVqWckHevXLy5clBg_adl-8Iy5xqIKWRJHxTaOCbM56WjpKUG16h9DIiELmtCAvpwgkkOUW4CpJ7d2jWgZ1oC7R7-NJ104hIO1MmXV-uWuIOqS5Y1uyUduADDBLKKcrc6V2UzI5JPec33ib6nhpldqglwY5PI2jgfjLMZfzUrQj1E9pCcBohL09yTk8mDdYxdxdsNJfSDAGViqPGGO_YlWPOFgcGsZNalqyxl1uqeRDkRCcD8tskLdWYlf9iOMzdZ_An0DXhM6X1LuLBWsZGcpJrmcRfD7SdSUclZcHpv7doBkx4ziuZ1NgUlreaQPe-WnYi2QYKkSlWVfBald4xtN1ZIGPFNSc4Z6R1yJT1VBAJkV20b8meAjL3ciL2cqrNwXgNh8ry3Okr-4rvRcK_lFUGYHzqwvA6DuAfqA2qDe8VLnMwbNtzSxw_K88wx71FyDZkwbszo69xUwnCP6g1YcnFU-wOAEbec-AEa6mXzSlnhyr65sTh6xRGTDK1BpocLLif2CSlY4VOlO-qyrGGnjrxoQdgancBxB14Az8biMRifAviq79IrEUigrCbff8EPUXYRUjuWO3q67v1ktAuKkp717yNMUEtRrusX9wMcCs-OdRlM25EHQcLp23h_fETGE7jsNy8b0DZj33DVVKzTOr7DcDxbiSH78ZUodr_QA81w81Qao9Cu1pnnxcFGbDwrV1quWVGyWXQmVz7Qw%26sai%3DAMfl-YS0HQC0tIMZB6Z-xdS2_YWdFcpdKfSRM7BBEc_yooU6B81rxHJanlRmlnBHm7VPvwbmohzceerVVMQTc1Uyw2YE1q_Fw90FagDg5oFsBHKt-VJeHFn-v7g15aiaWVFcgLDpARNFOqkgLX0n1JbsDseR9MoHAXt7xUrPQqhOfzzgXx1auky4F7MYincEOm3iUjpzD76_Vi3HPZ9weVqyXeTyWfTnDcAUPfBCBFJDmyaZkhzOjL_1GgeZENTbrsk9t5Pv2p5429Hiux4bKl61fzPuQ9WkBQz1%26sig%3DCg0ArKJSzF4xJJ5wL9QWEAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12214c7152fa53989558a11655c0baa1d8e9661a7212f496cd69d634cc99384

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
WUuXTgZXirgVCy7OOCHFvw==
age
1480472
cf-polished
origSize=71564
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Sat, 11 Mar 2023 14:01:04 GMT
server
cloudflare
etag
W/"0x8DB22390DC65822"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8c3927a3-e01e-0018-788a-0c3241000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c44bf6424c4-ZRH
animated-creative.0d17da23618f24b974cb.js
c.bannerflow.net/scripts/ Frame 20F0 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d26b6843eb9eeda76728d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuPfAsaWFTKZqJYAQYNqd8Du6f8XchFRyoyIeSPD5DqN4F3tfRQQeqQ0_HwDYWkzRWmvVLt4s-JX28UW1RQBKddJ0nZAd6xL2fZQkZv36BSZa7kiv1eU2Y1lCW5KJ3yy-DTQQ2u8gt6YuzG9sTOHbnwh3Mtus2-NrW3CsGxFCB2-ScO7B0_eeuVQvBWp6gDQ9JDv_6wRV0dM0J2wsRCrpBPjXGSw26PzpMD2CD9_SATRaLcez-9r2V4j910LCH6dKAGVyKwa6XCsrDp0Wdgmc6T9UITd4ofD8JyKMAg79epBhfP67DoirFa1xzalR6fKCHuHt7Tgs_k3H6NZqD2bRlSPqSTXAtNCnReCBSkNHGtiSoIBW5IoR8hmXuJ7Z6J41sDU_xiU475VfmOpqZWVGMkMieYMjYcAdj1aviU7p3F-aMJADNw9yzGnwDFgyzcCzRHDIENe2lqJylRfAzcyCf-f3Tb5Z2dZLVeh0eiwUl3oxmKLVRi_5vW1fr7YowVztcq5j-G0SWBc-LAny3Xsp_mMoaMEhJ6P66uHCtmklKsbv-bsirZ8WVysiPBFPYUf023ZYgWhxi6V0FHzinp7C-c9i2pR6AU5jw8xYyA9GdkBLdsg0Acq8WPbpAt7akVNi1sTtjlGbwrV5ejCWPtIdqgUutr-GJrfISU8_DVnZBYjVWtWOfqMHX3sd8N5kEref0ASzEBeDCvurX-rsrVMn6xdLBwkRmTazIsBkZMkTVLAhds275WiA9vTTlLS3_rDYjZX7ePh8wIoVqWckHevXLy5clBg_adl-8Iy5xqIKWRJHxTaOCbM56WjpKUG16h9DIiELmtCAvpwgkkOUW4CpJ7d2jWgZ1oC7R7-NJ104hIO1MmXV-uWuIOqS5Y1uyUduADDBLKKcrc6V2UzI5JPec33ib6nhpldqglwY5PI2jgfjLMZfzUrQj1E9pCcBohL09yTk8mDdYxdxdsNJfSDAGViqPGGO_YlWPOFgcGsZNalqyxl1uqeRDkRCcD8tskLdWYlf9iOMzdZ_An0DXhM6X1LuLBWsZGcpJrmcRfD7SdSUclZcHpv7doBkx4ziuZ1NgUlreaQPe-WnYi2QYKkSlWVfBald4xtN1ZIGPFNSc4Z6R1yJT1VBAJkV20b8meAjL3ciL2cqrNwXgNh8ry3Okr-4rvRcK_lFUGYHzqwvA6DuAfqA2qDe8VLnMwbNtzSxw_K88wx71FyDZkwbszo69xUwnCP6g1YcnFU-wOAEbec-AEa6mXzSlnhyr65sTh6xRGTDK1BpocLLif2CSlY4VOlO-qyrGGnjrxoQdgancBxB14Az8biMRifAviq79IrEUigrCbff8EPUXYRUjuWO3q67v1ktAuKkp717yNMUEtRrusX9wMcCs-OdRlM25EHQcLp23h_fETGE7jsNy8b0DZj33DVVKzTOr7DcDxbiSH78ZUodr_QA81w81Qao9Cu1pnnxcFGbDwrV1quWVGyWXQmVz7Qw%26sai%3DAMfl-YS0HQC0tIMZB6Z-xdS2_YWdFcpdKfSRM7BBEc_yooU6B81rxHJanlRmlnBHm7VPvwbmohzceerVVMQTc1Uyw2YE1q_Fw90FagDg5oFsBHKt-VJeHFn-v7g15aiaWVFcgLDpARNFOqkgLX0n1JbsDseR9MoHAXt7xUrPQqhOfzzgXx1auky4F7MYincEOm3iUjpzD76_Vi3HPZ9weVqyXeTyWfTnDcAUPfBCBFJDmyaZkhzOjL_1GgeZENTbrsk9t5Pv2p5429Hiux4bKl61fzPuQ9WkBQz1%26sig%3DCg0ArKJSzF4xJJ5wL9QWEAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6cef3eb76ec26c8bb8cb59e1ccf16d2facd9a1c387978948ce98664d2ca71f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Gq90Z8yQaZwoZjD0SNt4Ow==
age
1394753
cf-polished
origSize=159436
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 07 Mar 2023 10:29:01 GMT
server
cloudflare
etag
W/"0x8DB1EF6C4EBD802"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c17bac01-b01e-0015-3351-0dfa95000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c44bf6724c4-ZRH
document.000000F900ACB0.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/5332292/7224342/ Frame F02C 		28 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/5332292/7224342/document.000000F900ACB0.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/65264552843eb9eeda76293a?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstOsOMcO6K1CsOSo7oxLBgm7BOlbOLmq_HTdXjkgKvZAo7gXnjpcl6OZisao8yAQ1cwI2Z03xEexMgUCj_wUaeDsq4ZBnmRLczjnLuP1roOSVNvdWHYJlRBIkVoQlTy4mNK0PIrnC9QZJFAERNmFoyByuI0dyl36tKCEAlBsYIX325Mq_DjVytl3s8NlwLjtVTcTeDZ2hcTP6aJof7jU4Ei4_ZYp9Bjcg9Z6iPRX4XGiaCqOCc6w9EeRQnxeLNrjMgorlzlxadD2Dy6qWOl3UZzgfL0mwqyBQVHqnEtWMVzg2a19lr83j8KGbCBbQKrHFwzbxbX5Ko_8r6d5Eoew45j-t-3ma_SO0a5rWIcj4cfROF0OPnRGgWWKz-tXvtvMBUZI9mmFCN0UbyXpLBJ1ol33eySD-GiVTNl-vkVUap8VgYZU_yLKTkJHTmJgQ9r5xGaYATuXrsExZS8sUFsMnLLn8FZ6K1qXd-bNXE8x0VwPKK_lr1SgEQkQHz-9dbo-sZpt1NWrPumBhNP1AAfYfTmfIcFa6LK9TMk8stEguiBy2dhoWkdg5rNR19dEmm86IzcbY-RmMbB8B8rdRhIlgqDFjzFL3j-PNk7a6IAa1_bCqoC5ai9YRaEYvWvrfo2KnHq0Zv6x_ZexTeCM8VDU5MGBHJ4PZSOHGXAAuUOBPS2sMpWDbmQDqkeLsXFpmWAjK7j64J5g3ena8j6tXEuySarpgFiT9Hr036UqFaXE35m6B8BAqcWMyfvkyXD2cfZc5jZh_7FcUoWZykbA2bJy1ehvX3eSc6Ie-psV2OC5BuBx5suzdnOs1xEk-j5PTieRf1zoQUVjr8piFtfckyA-LZxn16C3e_bVt6vX1-w3bRmpaWHuT4a0xjJdjA2I7uUu2ZGxWvGCFMQBXBEFQFzbZ_QB9UNmhfJbN4UWjbN9UfV1R3NyMwvBbjiJON3YE5nVUZdz-KSoxT2ZMotqwpgVV4QkltmWzm1k39UUGB4Oyei5zMRniRM4dlQiQ1eiEo7SVN1fkFQH5RiuDaDqTPSE26ZhOzuGQgjm06KtuoOCKQCYbSzQse5ZFbWBbm9PClH1NS-DXhvX6EZdHTj3nOTtCohJNuUwTjl00WLiAXkDa373zsCXNJ1JIxTED2_pJRujOTSiQYJzh8NAwu8Kx83QlXTpt_qF6JyDtFlnax1LjghQx2Vkg2h7JLpApXiInE_8lQaALZ2iUTaakdmbPkR5OUY8ZfoCO1DjpjWMGoIAQ4fYX1oJkGciFcID9jxkASVOTCq1_w0QfelYYbn2-iXREjTTTRvtLlTQtMgHNnbB7oN9aDIJ-9AtMGNtwq1OALg9Tbyi_z5xAjqqNZsTk4qVeE5IUjgCrjJI8c7O8ju3NheeKLkSJ1uljFuCiVxMBtxamaAkZVzw1mOFGRXSK634_0jkyq6WD9rNHQUNo5sxLMtg1fieDnI8XcCWn5NgxpNpTjwO4XigbOrjNqg8loeAo%26sai%3DAMfl-YQdx_Z9ckfxvm269VUjbsgnfPP4ALmwMjTXww4GnB_KC_ulMN9Wb4gPKeSaqCKDKvMHaid9Ooxhx20GZ3hijuYeDTfS_XKu-_HGmBTTEk065dSLmhwOncmQaB8LZaseZEArPQTcjmhuxklwaLAX6VR8z5oI2H5cwK0gC_DhsRX7U8bgepJdHspuHKERVvcm0AxJONUbWiIWGtl5dIWDWVKpo50yTRaNXUqcygdaOskVDcyzJetQkzhHkPvqckPVQmrLm8Jx_1a-ELArz88BMLQ9NLO7ER_V%26sig%3DCg0ArKJSzEMlzCHiunrPEAE%26pr%3D8%3A489F9114CF8ACACE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fproducts%252Fcfds%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014735043_20642292212_524464410%2523platforms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba649491cb85513b1174a8900ea9b065eff06af7ccfa6ea0aca182ced503ad7d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
XxwZVMynIt4p6ovHXyklrQ==
age
1417298
cf-polished
origSize=31969
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 11:27:33 GMT
server
cloudflare
etag
W/"0x8DBAF956DF815AC"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
47fd0218-401e-0001-061d-0db2fa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c45082124c4-ZRH
animated-creative.b105a4e6577fb08357fd.js
c.bannerflow.net/scripts/ Frame F02C 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/65264552843eb9eeda76293a?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstOsOMcO6K1CsOSo7oxLBgm7BOlbOLmq_HTdXjkgKvZAo7gXnjpcl6OZisao8yAQ1cwI2Z03xEexMgUCj_wUaeDsq4ZBnmRLczjnLuP1roOSVNvdWHYJlRBIkVoQlTy4mNK0PIrnC9QZJFAERNmFoyByuI0dyl36tKCEAlBsYIX325Mq_DjVytl3s8NlwLjtVTcTeDZ2hcTP6aJof7jU4Ei4_ZYp9Bjcg9Z6iPRX4XGiaCqOCc6w9EeRQnxeLNrjMgorlzlxadD2Dy6qWOl3UZzgfL0mwqyBQVHqnEtWMVzg2a19lr83j8KGbCBbQKrHFwzbxbX5Ko_8r6d5Eoew45j-t-3ma_SO0a5rWIcj4cfROF0OPnRGgWWKz-tXvtvMBUZI9mmFCN0UbyXpLBJ1ol33eySD-GiVTNl-vkVUap8VgYZU_yLKTkJHTmJgQ9r5xGaYATuXrsExZS8sUFsMnLLn8FZ6K1qXd-bNXE8x0VwPKK_lr1SgEQkQHz-9dbo-sZpt1NWrPumBhNP1AAfYfTmfIcFa6LK9TMk8stEguiBy2dhoWkdg5rNR19dEmm86IzcbY-RmMbB8B8rdRhIlgqDFjzFL3j-PNk7a6IAa1_bCqoC5ai9YRaEYvWvrfo2KnHq0Zv6x_ZexTeCM8VDU5MGBHJ4PZSOHGXAAuUOBPS2sMpWDbmQDqkeLsXFpmWAjK7j64J5g3ena8j6tXEuySarpgFiT9Hr036UqFaXE35m6B8BAqcWMyfvkyXD2cfZc5jZh_7FcUoWZykbA2bJy1ehvX3eSc6Ie-psV2OC5BuBx5suzdnOs1xEk-j5PTieRf1zoQUVjr8piFtfckyA-LZxn16C3e_bVt6vX1-w3bRmpaWHuT4a0xjJdjA2I7uUu2ZGxWvGCFMQBXBEFQFzbZ_QB9UNmhfJbN4UWjbN9UfV1R3NyMwvBbjiJON3YE5nVUZdz-KSoxT2ZMotqwpgVV4QkltmWzm1k39UUGB4Oyei5zMRniRM4dlQiQ1eiEo7SVN1fkFQH5RiuDaDqTPSE26ZhOzuGQgjm06KtuoOCKQCYbSzQse5ZFbWBbm9PClH1NS-DXhvX6EZdHTj3nOTtCohJNuUwTjl00WLiAXkDa373zsCXNJ1JIxTED2_pJRujOTSiQYJzh8NAwu8Kx83QlXTpt_qF6JyDtFlnax1LjghQx2Vkg2h7JLpApXiInE_8lQaALZ2iUTaakdmbPkR5OUY8ZfoCO1DjpjWMGoIAQ4fYX1oJkGciFcID9jxkASVOTCq1_w0QfelYYbn2-iXREjTTTRvtLlTQtMgHNnbB7oN9aDIJ-9AtMGNtwq1OALg9Tbyi_z5xAjqqNZsTk4qVeE5IUjgCrjJI8c7O8ju3NheeKLkSJ1uljFuCiVxMBtxamaAkZVzw1mOFGRXSK634_0jkyq6WD9rNHQUNo5sxLMtg1fieDnI8XcCWn5NgxpNpTjwO4XigbOrjNqg8loeAo%26sai%3DAMfl-YQdx_Z9ckfxvm269VUjbsgnfPP4ALmwMjTXww4GnB_KC_ulMN9Wb4gPKeSaqCKDKvMHaid9Ooxhx20GZ3hijuYeDTfS_XKu-_HGmBTTEk065dSLmhwOncmQaB8LZaseZEArPQTcjmhuxklwaLAX6VR8z5oI2H5cwK0gC_DhsRX7U8bgepJdHspuHKERVvcm0AxJONUbWiIWGtl5dIWDWVKpo50yTRaNXUqcygdaOskVDcyzJetQkzhHkPvqckPVQmrLm8Jx_1a-ELArz88BMLQ9NLO7ER_V%26sig%3DCg0ArKJSzEMlzCHiunrPEAE%26pr%3D8%3A489F9114CF8ACACE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fproducts%252Fcfds%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014735043_20642292212_524464410%2523platforms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lEV9j3pUvMgu01szZkbLog==
age
1486175
cf-polished
origSize=159577
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 09:36:51 GMT
server
cloudflare
etag
W/"0x8DBAA05CE239A64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6b739737-d01e-0013-167d-0cc92a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c45082524c4-ZRH
truncated
/ Frame 6CDB 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6CDB 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6CDB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:15:26 GMT
x-content-type-options
nosniff
age
151871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 23 Nov 2023 15:15:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6CDB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=ad3usnoadv8t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options
nosniff
age
122381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:26:56 GMT
65255d77843eb9eeda7622f0
c.bannerflow.net/a/ Frame 0461 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/65255d77843eb9eeda7622f0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvL57_Beye50btDr0uxhLnmg0A6h6mqCwqtO_7UUdRkoXG7jzGiqtA_fihEKtlRjLjXBP_sqx7J-I7Iwru9dXlGyuREXfZAKQTCUKqyVeMu-zQSXmX6d0V343KiUaXFIucAggkhIgeLX3TmQ7ynGMdOXC9fLJjjCkzy5IJNggcQ24C8WYm6Pofpau36MnGLfkGNrfs023lYdOQJqJS7Z8mda1j7RkdVxdYErX_i5ogHxS4wsY0TLan8BhVYapcjIJmWUZMOQ-Dmgvy8zZN-6QI2W97boQhf_cMronbt8Dce34FRng535LqGPabWXfbjPPG2njRbU8Qq1xoQzdiECTOG_g_4dCUrsZRjZUwZaRxarauwNYPN5OTkxytPOozRKI6ARIt9tU5ELwhvzVZvvhTw4CKoWtVcBLqqSxStILxgkM-_TBTK_oacsTquxU0dpekfQXbmB-J0zUEUGsFUOmZLqA4-8xX2izRFsvHH5MTlSBLJYj9jTaD4UJB704pk6C5YGk7fhB8L0r58DHH783Qgi8V_Qa4RY2mWH7ofwtFRIW8wqEEP7k19kH8TsWxVOXp2qq5xmEot1xf0h_NV4_BnH9CCY6Duqwe7d1QgelpIeUIxtM8orh2h8TtceIc79WIBl8R69qiKKMWwfTxua4wdL7QBoSAz_86TVGSSQU6zcT6OkEIIgeBjLAeJ_qNExq21mcwb-Z05T9VXqnVnZ4Z3UYWi3XB_W4Ede8BuRbry_z3LLZKLnk_nxmfL0001n4JOmOIyegtl6DVtJaTZbdEu8R9whU_EIb9kfqTbH-w8NV0Lvmo0Ymb2dIJVexBXFNTv70ZQGfP7v5BgmKIwSRVDBTSXIdcc7PpkspzojnxHYtxb6VF_QwqT7iVS_sMjhLju_PMxcWLm15ufoqHX21lcPWXJMOlX0oO2vZga_1-sb9fM2E1s0tMi5lVb2spldLPXC48OfCPUvXUpzD7dDbJUQt3JCBk8KInTcEysoviquHpA3523gTlm5PHdkbtakCJltki80xZ7AhqsRmUvP3G0GXa3HsTObChjknmU3xgWpmrwYOsKSveaaSEMQX4kIAjrTod7rh03TubhYZbVy-oH0aUcCDvMXZiE5cE7hO1_3axWxrTgp1MRHSSOj6H8Mt77WDMtp_HrNHexyBWlHt4ZajumtFNTq52LQvLsGAyNxsall4mWYipSzY_lOcUJFOYmvtaeRl3O9o6DVd0-E3f0ujQmiiWAWXr9nIr06gE-HCDkSxL3wQ2l82bsn3YSCGww-0k5F39odaYHwbfeyVfVhgLpbzs8KuI4Yw94I_1Xk5yhzFZRrbKXCXPrZpMISNI417n5htnJv0wAq3LESMxxoxPuJKF8CBuC2IPt9kzMxYZr0UGfVHRpMQiNxJcgEfX0h3oG_gUqy35c5GvejavR130pFMshHhra0ikKuvmtYCOFxPtdvazQCvgibZhXM9lKQ4QHSC_UYON1SvKKrpM8fQ%26sai%3DAMfl-YR4URjTGZnAEnd0sgkcJljPe_KU4y35AACKdLKLJdKsJyM0mFRqnr2lvhO_mCtQEfUi02foyeWHs5YGJO2_yAjSd3hXbxAIt-B_b2nnYL7NsdUKF4bXzgAKvIFTn6kLZjI_ysItZl2StmIuPEtF3lya3WJgp7KYa9Etgn4-B0limmLaSHDTM-a_gL2BMKwvMuusaSk79nSllNXN85Yt0BXFTJnRxpHIQiwF06QwD_H-QL9YGfaXAIHQcVRNG2T4yfYYBV5nsX3LPafVV_rYXbo5df5GLBIo%26sig%3DCg0ArKJSzD6qVA7nYnPQEAE%26pr%3D8%3A414555A0233F1638%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014735043_20642292212_524464410
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/878616523147575296/CH-EN_Options_Core_Messaging-1-Global-300x600-638325444140859338-7a0e12a8-cfa6-4117-9cfc-18a44ed9c9bc.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33d5b396bdd7a6afc2e6376da1b5f586e259279936eedb812544d06af90e63ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Nov 2023 09:26:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
827f2c45d9c724c4-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
webworker.js
www.google.com/recaptcha/api2/ Frame 6CDB 		105 B
212 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=ad3usnoadv8t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
f6b9d81e54a20796a7441b1eed0741d5f9c4c338761556981da51f5c02a4f191
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=ad3usnoadv8t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 09:26:37 GMT
document.000000A0634324.js
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041997/7395980/ Frame F44B 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041997/7395980/document.000000A0634324.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6480988eb614435d92f82804?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2ffbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84880c4ea9a3a1bba298d8ffeb4f8475ec6d06b934786e1125fc943ba71865d0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
nu8OnADbhffsY7FyHo7DNA==
age
899475
cf-polished
origSize=11137
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 14 Sep 2023 10:13:16 GMT
server
cloudflare
etag
W/"0x8DBB50B36553C1D"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
44117c54-d01e-005e-4ed3-113e33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c462a6224c4-ZRH
animated-creative.b105a4e6577fb08357fd.js
c.bannerflow.net/scripts/ Frame F44B 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6480988eb614435d92f82804?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2ffbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lEV9j3pUvMgu01szZkbLog==
age
1486175
cf-polished
origSize=159577
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 09:36:51 GMT
server
cloudflare
etag
W/"0x8DBAA05CE239A64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6b739737-d01e-0013-167d-0cc92a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c462a6624c4-ZRH
document.000000A0634324.js
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041997/7395980/ Frame 408C 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041997/7395980/document.000000A0634324.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6480988eb614435d92f82804?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2ffbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84880c4ea9a3a1bba298d8ffeb4f8475ec6d06b934786e1125fc943ba71865d0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
nu8OnADbhffsY7FyHo7DNA==
age
899475
cf-polished
origSize=11137
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 14 Sep 2023 10:13:16 GMT
server
cloudflare
etag
W/"0x8DBB50B36553C1D"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
44117c54-d01e-005e-4ed3-113e33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c468b1224c4-ZRH
animated-creative.b105a4e6577fb08357fd.js
c.bannerflow.net/scripts/ Frame 408C 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6480988eb614435d92f82804?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2ffbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lEV9j3pUvMgu01szZkbLog==
age
1486175
cf-polished
origSize=159577
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 09:36:51 GMT
server
cloudflare
etag
W/"0x8DBAA05CE239A64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6b739737-d01e-0013-167d-0cc92a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c468b1624c4-ZRH
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame C48E 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
3422
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 09:29:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=e634ceb0-a884-47c5-9981-592178c50d0d&a=p.l&u=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:53:14 GMT
age
527603
x-guploader-uploadid
ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Mon, 11 Nov 2024 06:53:14 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=49ED4D72F2DA4A3AB9BAFA22E8ED8B4A&RedC=c.clarity.ms&MXFR=173A68C7873C670F3D7D7B0A833C6913
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=49ED4D72F2DA4A3AB9BAFA22E8ED8B4A&MUID=36669896F0C06FFE1AB98B5BF1CB6E21
42 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=49ED4D72F2DA4A3AB9BAFA22E8ED8B4A&MUID=36669896F0C06FFE1AB98B5BF1CB6E21
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1F3D296156A247E28A7D157E8566A76C Ref B: GVA30EDGE0114 Ref C: 2023-11-18T09:26:38Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=49ED4D72F2DA4A3AB9BAFA22E8ED8B4A&MUID=36669896F0C06FFE1AB98B5BF1CB6E21
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
36511258467f9290c3b117b3a57a491310f6de44add47faad5f84188583e948f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12390
x-xss-protection
0
csi
csi.gstatic.com/ Frame AFD5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lp3uha6m&chm=1&c=4076639824696142&ctx=2&qqid=CKf-msmdzYIDFX0DVQgdmIMBpA&met.4=fb.lb~lb.26k~cmrload.2vl~ol.3c6~idt.-61~dt.-10r&met.3=492.lb~374.30u~440.3bp~440.3c1~443.3c2~438.3c2~441.3c5~438.3c6~439.3c6~438.3c6~113.40o_3~112.40n_3&met.1=1.lp3uh65z~6.a~7.a~8.a~9.a~10.a~12.d~13.1h~14.1j~15.81~16.2vg~17.2vg~18.2vh~19.3b9~20.3bc~21.3c6~22.2bf~23.2bf&met.7=CBsQCBgBKAowNzjmIWgOcDV4iReAAd0UiAGSMLABAbgBAw~CBsQCiCBBjhM~CCgQBRgBIIMGKIMGMIIHOH9oiQZw9QZ4lASAAegBiAGTBLABAbgBAw~CBwQChgBIIMGKIMGMPoGOHdohAZw8gZ4qfgBgAH99QGIAYXHBbABAbgBAw~CBsQBiCKBjhn~CBsQBiCKBjhl~CBwQBhgBIIoGKIoGMIEHOHdojQZw9QZ41gKAASqIASqwAQG4AQM~CBwQBhgBIIsGKIsGMIIHOHdojgZwgQd4rAKwAQG4AQM~CBsQBiCLBjhE~CBsQBiCLBjhF~CB4QChgBIIsGKIsGMOwGOGFojgZw6wZ4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIIsGKIsGMNEGOEVojgZw0AZ4iUWAAd1CiAHwoQGwAQG4AQM~CBsQBhgBIIsGKIsGMO0GOGI~CBEQChgBIIwGKIwGMOsGOF9ojgZw0QZ4rjSAAYIyiAGLvQGwAQG4AQM~CCoQChgBIIwGKIwGMNcHOMwBaI4GcKwHeNr-A4ABrvwDiAHd0AywAQG4AQM~CBsQBiCMBjho~CBsQDSDjDzgy~CBsQDSDyDziSAg~CBsQDSCIEDiYAg~CBsQDSCJEDhW~CBwQARgBIIcRKIcRMO0ROGdohxFw7BF4rAKwAQG4AQM~CBwQARgBIIoRKIoRMO8ROGVoihFw7hF4rAKwAQG4AQM~CCgQChgBILERKLERMKESOHFosxFwkBJ4uLcCgAGMtQKIAb_mBbABAbgBAw~CBsQDSDmEjjjAg~CBsQDSDnEjh9~CBsQDSDoEjivAQ~CBsQDSDeEziuAg~CCkQChgBINYUKNYUMIcVODJo1xRwhhV4qrkCgAH-tgKIAbH1BrABAbgBAw~CBwQChgBINYUKNYUMIkVODNo1xRwiRV4miOAAe4giAGAWLABAbgBAw~CAkQChgBINwUKNwUMJ8VOENo5hRwnxV4jl-AAeJciAH2-AGwAQG4AQM~CCcQChgBIN0UKN0UMKEVOENo5hRwnhV4nW-AAfFsiAHpyQKwAQG4AQM~CBsQBSCDFjj3CA~CBwQBRgBIIkWKIkWMLsWODJoixZwuxZ4lgeAAeoEiAGWCbABAbgBAw~CBsQDSCzGDjgAg~CBsQDSCjHTiTAg~CBsQDSClHThV~CCcQBRgBIKkdKKkdMO0dOERoqx1w7B14oWiAAfVliAH-sAKwAQG4AQM~CCIQBBgBILQdKLQdMKAeOGtotR1wnx54rAKwAQG4AQM~CCkQBhgBILUdKLUdMPkdOERotR1w-B149NYBgAHI1AGIAcjUAbABAbgBAw~CBsQDSCBITiMAg~CBsQDSDkITiUAg~CCoQChgBIPAhKPAhMJEjOKEBaPEhcN8ieNr-A4ABrvwDiAHd0AywAQG4AQM~CCIQBBgBIPIhKPIhML8iOE1o8yFwvSJ4rAKwAQG4AQM~CB8QBRgBIPQhKPQhMJ8iOCto9iFwniJ4tg2AAYoLiAHgHbABAbgBAw~CCEQBhgBIPUhKPUhMMoiOFU~CCgQChgBIPAjKPAjMJ4kOC1o8SNwmiR40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AFD5 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~lp3uha9g&chm=1&c=4076639824696142&ctx=2&qqid=CKf-msmdzYIDFX0DVQgdmIMBpA&met.6=6.1_Cg8YtwIgUyoICAQSBBABMAEKDxiXAyBKKggIBBIEEAEwAQoPGPEDIEgqCAgEEgQQATABChAY9gQglgEqCAgBEgQQATABCgwYkgYgkAEqBAgIEgAKDxiuByBYKggIBBIEEAEwAQoPGJIKIEAqCAgEEgQQATABCg8Y3AsgQyoICAQSBBABMAEKDxilDCBEKggIBBIEEAEwAQoLGJYOIEQqBAgIEgAKCxjDESA3KgQICBIACg8YkhQgTCoICAESBBABMAEKCxiVFiBrKgQIBRIACgsYphsgfCoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=folkd.com&doc=complete&pg_h=9050&pg_w=1600&pg_hs=9050&c=10&aa_c=0&av_h=141&av_w=685.200&av_a=76968&s=121.969&all_s=121.969&b=151.188&all_b=151.188&d=0.156&all_d=0.156&ard=0.053&all_ard=0.053&dt=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AFD5 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5114258070921&version=m202309260101&ct=76&x=8&cor=14718532397188905000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CC5 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsnQ_SINYZZKTEISk9u8PvOywkAoAAAAAOAHgBAI&bg=!hYalhsnNAAZxrfrxUa07ADQBe5WfOIdmc9ZJrE7ktaiphanMWmX6UK8UWHOUFQmJ4BhhmR5pDl4x6_sb3bZbdc6birsjAgAABS5SAAAABWgBB5kDBlh3-BliBqcZMdAbGpuU85joTNqxvdO55ORCQEzYoYHvfIeapa8pNKMvRsMiO8QouHFz8e1B7AlpCj-kb6bOPV6boj6pd5H4lFLneNRTcxam0gIfEtQGq1r7wv9pX-0-SoEUzbp8m5dF5tITyKZ7cTe41zUc6_OvflOEeG7lLlhOkQe_OjrC-yx3u9RNLVFpTnUf4OW1IDtl-i7uyInjkkZRQQeVa4ZhUYD9H8IGzQLzKIIIJNQbdViS7O4fNZ95wroin09fUP2tlUaT60WtN9T4mHa9chA47q9UzkvlZkW4ay2FsueSBDES90sSkq3Kp4P0eG_nkQ_4TtmGrXSVmvCm43evly5icrEkawNCS9mnCSpYB6WsJ1JCXtTGsoagbk5sowzBHcivuOI8jTPYeNZ1t1SIERKMVd9b_2c5V379r_Daro58wyYFCPHktqgAD39pnRiJ_zoVsaOh3TXvXh6n70-D7_WdfbTXBxF4MFEOK9bRr0EqfIkaMFVrg67suxJlk_2O3hQFnhFZenEqYXQKokfVhXhpBntsqaE8WiPd_UqhjNJMGF4d-fRGK0MUwBiLtq6iFTJoEwhb4nojaYcFQDVvwefDUJuilo3klVPKCZUc3QX_XXiCdUff2LHPEp2Cq95sUtd_3uMVYlVCgVH2Y-JweLREplgQcqVc-zeb-n7TAB7Q040aUVZWfJcwP8KbhItRNPuDH8P4M4GeV5sPlkD8apWK4dLLpbCDLzIybAJc6LtZV6rEKMmDatgcvA5jobiJzhiMod-YQyKD1yOvU--FmXiETcVNkr_F-o97tPVotcfjXGtKTs9LKBHY7PSdACiMluAiDiUpm7esuqvUXwgKriY004Oe39v5GcVj3qtCVDbh7Ov5WS1p3foKqnVbZDO8SWJVz-wCYFW9i1a0rfhSRkLeJT0lhS0uifc-ysn2SPiPowpMfwEb099qc1kBh9GQmqPY7cGkJ23YMiym_RAttVZwkF1qUAp8L14X71a5-SGGTlDP60xmZVpLh3Gf-7Jv5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Nov 2023 09:26:38 GMT
widget.e41a0c4132970d505cc8.js
c.bannerflow.net/scripts/ Frame 0461 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/65255d77843eb9eeda7622f0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvL57_Beye50btDr0uxhLnmg0A6h6mqCwqtO_7UUdRkoXG7jzGiqtA_fihEKtlRjLjXBP_sqx7J-I7Iwru9dXlGyuREXfZAKQTCUKqyVeMu-zQSXmX6d0V343KiUaXFIucAggkhIgeLX3TmQ7ynGMdOXC9fLJjjCkzy5IJNggcQ24C8WYm6Pofpau36MnGLfkGNrfs023lYdOQJqJS7Z8mda1j7RkdVxdYErX_i5ogHxS4wsY0TLan8BhVYapcjIJmWUZMOQ-Dmgvy8zZN-6QI2W97boQhf_cMronbt8Dce34FRng535LqGPabWXfbjPPG2njRbU8Qq1xoQzdiECTOG_g_4dCUrsZRjZUwZaRxarauwNYPN5OTkxytPOozRKI6ARIt9tU5ELwhvzVZvvhTw4CKoWtVcBLqqSxStILxgkM-_TBTK_oacsTquxU0dpekfQXbmB-J0zUEUGsFUOmZLqA4-8xX2izRFsvHH5MTlSBLJYj9jTaD4UJB704pk6C5YGk7fhB8L0r58DHH783Qgi8V_Qa4RY2mWH7ofwtFRIW8wqEEP7k19kH8TsWxVOXp2qq5xmEot1xf0h_NV4_BnH9CCY6Duqwe7d1QgelpIeUIxtM8orh2h8TtceIc79WIBl8R69qiKKMWwfTxua4wdL7QBoSAz_86TVGSSQU6zcT6OkEIIgeBjLAeJ_qNExq21mcwb-Z05T9VXqnVnZ4Z3UYWi3XB_W4Ede8BuRbry_z3LLZKLnk_nxmfL0001n4JOmOIyegtl6DVtJaTZbdEu8R9whU_EIb9kfqTbH-w8NV0Lvmo0Ymb2dIJVexBXFNTv70ZQGfP7v5BgmKIwSRVDBTSXIdcc7PpkspzojnxHYtxb6VF_QwqT7iVS_sMjhLju_PMxcWLm15ufoqHX21lcPWXJMOlX0oO2vZga_1-sb9fM2E1s0tMi5lVb2spldLPXC48OfCPUvXUpzD7dDbJUQt3JCBk8KInTcEysoviquHpA3523gTlm5PHdkbtakCJltki80xZ7AhqsRmUvP3G0GXa3HsTObChjknmU3xgWpmrwYOsKSveaaSEMQX4kIAjrTod7rh03TubhYZbVy-oH0aUcCDvMXZiE5cE7hO1_3axWxrTgp1MRHSSOj6H8Mt77WDMtp_HrNHexyBWlHt4ZajumtFNTq52LQvLsGAyNxsall4mWYipSzY_lOcUJFOYmvtaeRl3O9o6DVd0-E3f0ujQmiiWAWXr9nIr06gE-HCDkSxL3wQ2l82bsn3YSCGww-0k5F39odaYHwbfeyVfVhgLpbzs8KuI4Yw94I_1Xk5yhzFZRrbKXCXPrZpMISNI417n5htnJv0wAq3LESMxxoxPuJKF8CBuC2IPt9kzMxYZr0UGfVHRpMQiNxJcgEfX0h3oG_gUqy35c5GvejavR130pFMshHhra0ikKuvmtYCOFxPtdvazQCvgibZhXM9lKQ4QHSC_UYON1SvKKrpM8fQ%26sai%3DAMfl-YR4URjTGZnAEnd0sgkcJljPe_KU4y35AACKdLKLJdKsJyM0mFRqnr2lvhO_mCtQEfUi02foyeWHs5YGJO2_yAjSd3hXbxAIt-B_b2nnYL7NsdUKF4bXzgAKvIFTn6kLZjI_ysItZl2StmIuPEtF3lya3WJgp7KYa9Etgn4-B0limmLaSHDTM-a_gL2BMKwvMuusaSk79nSllNXN85Yt0BXFTJnRxpHIQiwF06QwD_H-QL9YGfaXAIHQcVRNG2T4yfYYBV5nsX3LPafVV_rYXbo5df5GLBIo%26sig%3DCg0ArKJSzD6qVA7nYnPQEAE%26pr%3D8%3A414555A0233F1638%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014735043_20642292212_524464410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
nZPaCeepSHMZbbh+xShfnA==
age
884189
cf-polished
origSize=20123
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 07 Mar 2023 10:29:01 GMT
server
cloudflare
etag
W/"0x8DB1EF6C4FEC22F"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0e7989b5-101e-006e-29f6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c49fa5d24c4-ZRH
document.00000075F7E019.js
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/3953338/4964318/ Frame 0461 		69 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/3953338/4964318/document.00000075F7E019.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/65255d77843eb9eeda7622f0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvL57_Beye50btDr0uxhLnmg0A6h6mqCwqtO_7UUdRkoXG7jzGiqtA_fihEKtlRjLjXBP_sqx7J-I7Iwru9dXlGyuREXfZAKQTCUKqyVeMu-zQSXmX6d0V343KiUaXFIucAggkhIgeLX3TmQ7ynGMdOXC9fLJjjCkzy5IJNggcQ24C8WYm6Pofpau36MnGLfkGNrfs023lYdOQJqJS7Z8mda1j7RkdVxdYErX_i5ogHxS4wsY0TLan8BhVYapcjIJmWUZMOQ-Dmgvy8zZN-6QI2W97boQhf_cMronbt8Dce34FRng535LqGPabWXfbjPPG2njRbU8Qq1xoQzdiECTOG_g_4dCUrsZRjZUwZaRxarauwNYPN5OTkxytPOozRKI6ARIt9tU5ELwhvzVZvvhTw4CKoWtVcBLqqSxStILxgkM-_TBTK_oacsTquxU0dpekfQXbmB-J0zUEUGsFUOmZLqA4-8xX2izRFsvHH5MTlSBLJYj9jTaD4UJB704pk6C5YGk7fhB8L0r58DHH783Qgi8V_Qa4RY2mWH7ofwtFRIW8wqEEP7k19kH8TsWxVOXp2qq5xmEot1xf0h_NV4_BnH9CCY6Duqwe7d1QgelpIeUIxtM8orh2h8TtceIc79WIBl8R69qiKKMWwfTxua4wdL7QBoSAz_86TVGSSQU6zcT6OkEIIgeBjLAeJ_qNExq21mcwb-Z05T9VXqnVnZ4Z3UYWi3XB_W4Ede8BuRbry_z3LLZKLnk_nxmfL0001n4JOmOIyegtl6DVtJaTZbdEu8R9whU_EIb9kfqTbH-w8NV0Lvmo0Ymb2dIJVexBXFNTv70ZQGfP7v5BgmKIwSRVDBTSXIdcc7PpkspzojnxHYtxb6VF_QwqT7iVS_sMjhLju_PMxcWLm15ufoqHX21lcPWXJMOlX0oO2vZga_1-sb9fM2E1s0tMi5lVb2spldLPXC48OfCPUvXUpzD7dDbJUQt3JCBk8KInTcEysoviquHpA3523gTlm5PHdkbtakCJltki80xZ7AhqsRmUvP3G0GXa3HsTObChjknmU3xgWpmrwYOsKSveaaSEMQX4kIAjrTod7rh03TubhYZbVy-oH0aUcCDvMXZiE5cE7hO1_3axWxrTgp1MRHSSOj6H8Mt77WDMtp_HrNHexyBWlHt4ZajumtFNTq52LQvLsGAyNxsall4mWYipSzY_lOcUJFOYmvtaeRl3O9o6DVd0-E3f0ujQmiiWAWXr9nIr06gE-HCDkSxL3wQ2l82bsn3YSCGww-0k5F39odaYHwbfeyVfVhgLpbzs8KuI4Yw94I_1Xk5yhzFZRrbKXCXPrZpMISNI417n5htnJv0wAq3LESMxxoxPuJKF8CBuC2IPt9kzMxYZr0UGfVHRpMQiNxJcgEfX0h3oG_gUqy35c5GvejavR130pFMshHhra0ikKuvmtYCOFxPtdvazQCvgibZhXM9lKQ4QHSC_UYON1SvKKrpM8fQ%26sai%3DAMfl-YR4URjTGZnAEnd0sgkcJljPe_KU4y35AACKdLKLJdKsJyM0mFRqnr2lvhO_mCtQEfUi02foyeWHs5YGJO2_yAjSd3hXbxAIt-B_b2nnYL7NsdUKF4bXzgAKvIFTn6kLZjI_ysItZl2StmIuPEtF3lya3WJgp7KYa9Etgn4-B0limmLaSHDTM-a_gL2BMKwvMuusaSk79nSllNXN85Yt0BXFTJnRxpHIQiwF06QwD_H-QL9YGfaXAIHQcVRNG2T4yfYYBV5nsX3LPafVV_rYXbo5df5GLBIo%26sig%3DCg0ArKJSzD6qVA7nYnPQEAE%26pr%3D8%3A414555A0233F1638%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014735043_20642292212_524464410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc47a405898fe824aca19264cd21ffffd9238bf9b9c1de712f35758025c826f0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
EvflrRLti6h1A+hfADz+mA==
age
1456878
cf-polished
origSize=75616
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Sat, 11 Mar 2023 08:52:03 GMT
server
cloudflare
etag
W/"0x8DB220DE2DABE7C"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b44bc594-b01e-0093-2ec1-0c362c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c49fa5f24c4-ZRH
animated-creative.0d17da23618f24b974cb.js
c.bannerflow.net/scripts/ Frame 0461 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/65255d77843eb9eeda7622f0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvL57_Beye50btDr0uxhLnmg0A6h6mqCwqtO_7UUdRkoXG7jzGiqtA_fihEKtlRjLjXBP_sqx7J-I7Iwru9dXlGyuREXfZAKQTCUKqyVeMu-zQSXmX6d0V343KiUaXFIucAggkhIgeLX3TmQ7ynGMdOXC9fLJjjCkzy5IJNggcQ24C8WYm6Pofpau36MnGLfkGNrfs023lYdOQJqJS7Z8mda1j7RkdVxdYErX_i5ogHxS4wsY0TLan8BhVYapcjIJmWUZMOQ-Dmgvy8zZN-6QI2W97boQhf_cMronbt8Dce34FRng535LqGPabWXfbjPPG2njRbU8Qq1xoQzdiECTOG_g_4dCUrsZRjZUwZaRxarauwNYPN5OTkxytPOozRKI6ARIt9tU5ELwhvzVZvvhTw4CKoWtVcBLqqSxStILxgkM-_TBTK_oacsTquxU0dpekfQXbmB-J0zUEUGsFUOmZLqA4-8xX2izRFsvHH5MTlSBLJYj9jTaD4UJB704pk6C5YGk7fhB8L0r58DHH783Qgi8V_Qa4RY2mWH7ofwtFRIW8wqEEP7k19kH8TsWxVOXp2qq5xmEot1xf0h_NV4_BnH9CCY6Duqwe7d1QgelpIeUIxtM8orh2h8TtceIc79WIBl8R69qiKKMWwfTxua4wdL7QBoSAz_86TVGSSQU6zcT6OkEIIgeBjLAeJ_qNExq21mcwb-Z05T9VXqnVnZ4Z3UYWi3XB_W4Ede8BuRbry_z3LLZKLnk_nxmfL0001n4JOmOIyegtl6DVtJaTZbdEu8R9whU_EIb9kfqTbH-w8NV0Lvmo0Ymb2dIJVexBXFNTv70ZQGfP7v5BgmKIwSRVDBTSXIdcc7PpkspzojnxHYtxb6VF_QwqT7iVS_sMjhLju_PMxcWLm15ufoqHX21lcPWXJMOlX0oO2vZga_1-sb9fM2E1s0tMi5lVb2spldLPXC48OfCPUvXUpzD7dDbJUQt3JCBk8KInTcEysoviquHpA3523gTlm5PHdkbtakCJltki80xZ7AhqsRmUvP3G0GXa3HsTObChjknmU3xgWpmrwYOsKSveaaSEMQX4kIAjrTod7rh03TubhYZbVy-oH0aUcCDvMXZiE5cE7hO1_3axWxrTgp1MRHSSOj6H8Mt77WDMtp_HrNHexyBWlHt4ZajumtFNTq52LQvLsGAyNxsall4mWYipSzY_lOcUJFOYmvtaeRl3O9o6DVd0-E3f0ujQmiiWAWXr9nIr06gE-HCDkSxL3wQ2l82bsn3YSCGww-0k5F39odaYHwbfeyVfVhgLpbzs8KuI4Yw94I_1Xk5yhzFZRrbKXCXPrZpMISNI417n5htnJv0wAq3LESMxxoxPuJKF8CBuC2IPt9kzMxYZr0UGfVHRpMQiNxJcgEfX0h3oG_gUqy35c5GvejavR130pFMshHhra0ikKuvmtYCOFxPtdvazQCvgibZhXM9lKQ4QHSC_UYON1SvKKrpM8fQ%26sai%3DAMfl-YR4URjTGZnAEnd0sgkcJljPe_KU4y35AACKdLKLJdKsJyM0mFRqnr2lvhO_mCtQEfUi02foyeWHs5YGJO2_yAjSd3hXbxAIt-B_b2nnYL7NsdUKF4bXzgAKvIFTn6kLZjI_ysItZl2StmIuPEtF3lya3WJgp7KYa9Etgn4-B0limmLaSHDTM-a_gL2BMKwvMuusaSk79nSllNXN85Yt0BXFTJnRxpHIQiwF06QwD_H-QL9YGfaXAIHQcVRNG2T4yfYYBV5nsX3LPafVV_rYXbo5df5GLBIo%26sig%3DCg0ArKJSzD6qVA7nYnPQEAE%26pr%3D8%3A414555A0233F1638%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014735043_20642292212_524464410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6cef3eb76ec26c8bb8cb59e1ccf16d2facd9a1c387978948ce98664d2ca71f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Gq90Z8yQaZwoZjD0SNt4Ow==
age
1394754
cf-polished
origSize=159436
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 07 Mar 2023 10:29:01 GMT
server
cloudflare
etag
W/"0x8DB1EF6C4EBD802"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c17bac01-b01e-0015-3351-0dfa95000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
827f2c49fa6324c4-ZRH
truncated
/ Frame FB58 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
538c0772-f28f-4a0b-97dc-fbd24e1b526f
https://s0.2mdn.net/ Frame 5EA8 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/538c0772-f28f-4a0b-97dc-fbd24e1b526f
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
602755e28bc168e7f5a6929830e2520444884bd89b45876954e6cd1168608e5d

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e18c964637e657130a3c552fb9262d77248d931154df69840284fc110e710068
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
30f2b968e4bc3e047f22aa640aeb35c89d3384dce8dae914640f04e8709a916b
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092638Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:38 GMT
x-amzn-RequestId
ff028875-9e75-22c5-a2d0-0dfb8ba3cdce
Content-Length
133
x-amz-id-2
0ViDHv1tTldh0wf4zD/H1rsRQ3w9bHzCZ59t/hfS+DKt6xnRzGMS6G473IZal5g0Hu9mSgOKD5xvNG3+CQaQjiBE3h5QwtgO
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:38 GMT
x-amzn-RequestId
d0523e57-66a3-68c3-8d80-bbd9737587c8
truncated
/ Frame 5DA7 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
ec737c6a-25e6-497a-9ded-1c43e15642eb
https://s0.2mdn.net/ Frame 4269 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/ec737c6a-25e6-497a-9ded-1c43e15642eb
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
truncated
/ Frame 017E 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
d9fabcc9-497e-4a1e-ab01-51c3e643d516
https://s0.2mdn.net/ Frame 4FCB 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/d9fabcc9-497e-4a1e-ab01-51c3e643d516
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA2A 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bv_t0SINYZb-lNu72x_APp-mUgAoAAAAAOAHgBAI&bg=!tbaltvnNAAZxrfrxUa07ADQBe5WfOGOnUVwLdTgHXkNovQWt8Hjiq3Y3wlqua5w3MIO0-LQ_gtVMHVqC7GQNtnb1xPX5AgAABfJSAAAABGgBBwoAOXBNfpvzh92Q1UuiHfFhlg0798dcL0ZMfBjfj7bfssEmshSZAu1pu4bwlU10J91DO20CbsomsubYG5kC9O0CoG5Znj71yXqREQmhV39D_sLUbr6tvm4yTNi5aSjBU7C0wv7my3j00smXAiZ-O-HXw2mLu4Zw2-GXZ9o5sagX319lOOztJsN2QixjcaUapO2oUKoxH03aWdWXXWQDDZthwB0dtCrESVWGUckMlZ0CfO86WNsmjoIJcz6vUFBJP_T5I2Ix14sPEL1YVz3zFGk0j0OGRIOEQ-KiuDff8tCvvXV4sR_T60tawA8wgrQdQ5mdpvLPuwPEm57iOnpIURw97XJs-IH2Dpc5YsdqW8gOKS8KwCjFet-44dBS24c1bn3RLUukPSA5eprnLSkCeuaMvbBHNc3tK-SWsyXeGZzDI27kQ58NfYwdFc59h3OHq4vXghbLQM6NwT_sZyQIvILMMB4vxAgApYWW16kGf80E3yD9r5zP3rOFmYk5t_XHr1DPlxr18qo3suJ1RwPI00dRYYp77dZR8fOOkUPnfBsNdFZHUud6zJt29necbml8kPz6DJX9WDM3JVt0_pTUYF2NYtTHvCcXz4AqTrDYg7AknJzHKogSTr53YngbtD6FL3bgJk5fo5UrdFaq0GJc_RbAA2xfz1f0huEf3L5_5l3-tLo371H4zBxUz_E93zwqLSJAM4Tycg107uVq52ZZGl4nc8aGWs1DEW2r2rSCa-l5xvye27Dy084qkgFrBXdRRneV0d99zeTBxtXc0ORxs7EsLzmuTdM5QsZp3_7erCH86bXYvYLn9m-UiXQxXhr9B-pQMZxyMbUmRP29VUthZx0LDjnAivgHy17PltPGGt_mJG10sSfQTTu9Teh93fFKYAlsuE6T6I_ZJwVjZbuU8yxSVmKdYna8NAUqzpR1VDt19igPLPCu9IXcEJfYE7YXau1vFDtNIScggPYvRtnMN85R5wVs4hLfqtlTiTW5PV6VGzBGCptgFtf2NDR-I9lH3F4oPzNxyMF8g4e-AtYLcUUFyEb49UGyuZf0SLeiegoAKhOW85tQ49uFaKxp7NpX5nAGQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C48E 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lp3uhamn&chm=1&c=4076639824696142&ctx=2&qqid=CIiQ4sedzYIDFY024AodHZ8FKw&met.4=fb.1a4~lb.5b7~cmrload.5qp~ol.6ci~idt.-5n~dt.-10d&met.3=374.4b3~113.6tr_2~112.6tr_2&met.1=1.lp3uh3sw~6.j~7.j~8.j~9.j~10.j~12.m~13.28~14.28~15.ch~16.5j7~17.5j7~18.5j7~19.6ci~20.6ci~21.6ci&met.7=CBsQCBgBKBMwUDiiQGgWcFB4iReAAd0UiAGSMLABAbgBAw~CCgQBRgBIIINKIINMLYSOLMFaLQRcLUSeJ4EgAHyAYgBgAWwAQG4AQM~CBwQChgBIIMNKIMNMPwNOHlohA1w7w14qfgBgAH99QGIAYXHBbABAbgBAw~CBwQBhgBIIoNKIoNMOANOFZoiw1w3w141gKAASqIASqwAQG4AQM~CBwQBhgBIIoNKIoNMN8NOFVojA1w3g14rAKwAQG4AQM~CB4QChgBIIsNKIsNMLsNODBojA1wug14gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIIsNKIsNMLkNOC9ojQ1wtw14iUWAAd1CiAHwoQGwAQG4AQM~CBsQBhgBIIsNKIsNMMANODU~CCoQChgBIIsNKIsNMJgOOI0BaI0NcO0NeNr-A4ABrvwDiAHd0AywAQG4AQM~CBsQBiCLDThK~CBwQARgBINEZKNEZMLUaOGRo0hlwtBp4rAKwAQG4AQM~CBwQARgBINMZKNMZMLUaOGJo1BlwtBp4rAKwAQG4AQM~CCgQChgBIOEZKOEZMOoaOIkBaOkZcOgaeNpvgAGubYgB_aEBsAEBuAED~CCcQChgBIIAiKIAiMLQiODRogCJwsyJ4nW-AAfFsiAHpyQKwAQG4AQM~CBsQBhgBIIAiKIAiMMwjOMwBUIgiWPYiYI4iaPYicMIjeKwCsAEBuAED~CBsQCiCsJTinAQ~CCcQBRgBIMoqKMoqML8rOHVo1Spwvit4oWiAAfVliAH-sAKwAQG4AQM~CBsQCiCcKzi_BA~CBsQBSCvNDj5CA~CBsQBSCxNDiVCA~CBsQBSC8NDjlCw~CBsQBiDDNDjSAQ~CBwQBRgBIOE1KOE1MKQ2OEJo8DVwozZ4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBIP9AKP9AMLZBODdo_0BwsUF40cABgAGlvgGIAf_-A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 20F0 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
be2980ce-4959-43dd-8d2a-9d85ab138665
https://s0.2mdn.net/ Frame 456F 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/be2980ce-4959-43dd-8d2a-9d85ab138665
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
gen_204
pagead2.googlesyndication.com/pagead/ Frame 05D4 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bft3rSINYZZLcE5m99u8P1oqZ0A0AAAAAOAHgBAI&bg=!mpmlmdbNAAZxrfrxUa07ADQBe5WfOHeRGvkOX7WcVpwfmrvnRn5gyD_bGjtE-VMf4m1CY8YhcrKDq5P4Lo86Nn-x7aqLAgAABcxSAAAABmgBB5kDAn1q0JoI4fA9dYv1Dt8TP9b7qmzJAjdjKIujfnrimPHoMd9fhDyUimQ9jiOHTX9Nj1WNlavic921zAzWhtqoDjqiXgo4g5XOurznc7eZnEhgBrmPL4vkCB_Lxeyx7lRlZ9D99Oezvx54ypShHlNE5MgGxhg8m3gqSpZcijWmZoJyD2kfhN_Vq617lLYmg2OxE-rSndGQTFSxVJcUWyaADIw72INw__E50MIqAstGQf55fdIz0BW9i824CvZA9zc7zk5qDwlBfrXvObjZuN1E29RpN6E7nHoEwdOnRkRUwcHBFAveZO_2XTk0BR6j4efPrOxbH9BlWOJDVdj7U_icAMghekdHy-vY92YXfXcp_AW6xDn_qPzXhJO7pLA1YyonoToG3jbEt50FOv7Fc4vHbIxS4vflhzGFMEB4QvjfSTIcHmFtdejZ1nUHerft6YU8G5V1gYXOAvC8NDulGPzYTTQNAQ19gJv6ZYFsyz9GABd57pSoFKODGFvttGjUTNVxCtNYHzBg5Q6WigI4UtPlpxAY8ejU8CmDr_IX5VkfVA1AgmFvq9x19JgK9VSh2ojyxji-UQm-XLgzbadhKZu291gJGdhw8vriYGUV0aB6tgWQTnMlfbnA8T9LgAR-fMrlXduIPcqazTe4dXVD2zX3rxhjalTtKHBOoaiJglsnXEygqrXA0eJfoliMGUlYWN7L01eTviKHdqD9bf31yuwrrAdId3Y3-ixY3MT0_U1mnyb-9BXFqNVs54rXVtPW10UphdHu6Srexhsyr8O-nDKtGYcsGfJLMe79WL7dd2L2VtgaveRvHkj-uIeNHSwXToBMA2a5alUjYYqz-uZi60pfKM7ZyZhftAI9-6mFGMrGO85xU1k71Co8d04rODFyfWjuFqoGx7WiByx6QGBgLjmcWjISvgojpOx99XV6jWJKOVfTkDJrcpnQBMifFHNhRalp7AoTbLkhSknT8z-uIgmHX2TQJGmG6f3wJhTmmo1g_hMznX1FucKe05KPyb-zDpJJaYxR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4397 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bd0EjSINYZeCDGc6F9u8P_5WRmAcAAAAAOAHgBAI&bg=!8fKl8r3NAAZxrfrxUa07ADQBe5WfOL-84vxvcUn73SkhNeLE5XSbgc4gbei2ZsDEaun2Orefk4SAPslnLxr5Nx5l9fWBAgAABcRSAAAABWgBB5kC-8XVuTLKGcNYkWGTvFzQx7EAGGol_qMSGeQ2sH8yOWl7KoZjORD3qVecu3NV5UltJWo6lZaOVjzLlPi5E1AuwIkNWssBmcZqW-V_z9iata8LdNGmVpZH5e4dqJ-33Is4r0lfOLtxSZ0xPqF3fZIpvVFoLgdHR_M4CshIinuBASb-UDeEcIk9pSJ-LEiiDkdU3boFJRV-nRS5nNO4tyCKnYxLXexSk0wQqAbmp6LoBAbq9_vKsuLUmbQG5b8EsjZ9u5tSV0t3RjGqcEmRu2OhdmtLToZw_ic_Jvw9mIUsQVk0U2nt-0V1iYG61gqZ8YiTq-LXo5bYdOiiybNLQH-DVW3Sup7G8K3-EgTb5K8rKOKtK4VUEaGKPfSX5RUpB4NnoHTSC4TSAmfQAUtplEYg6BH2q-e1ZfIaCrZgwHxC2HILCdwFu7WhV4gCRzMEYUfcSwXCojgsEH9zYv-9RUhj8sBD6_GULHAB9dAYZvJTtEp5AsEuODYFmSuir8jsqUXNhRbg6YRX8jd1o8aoDlW-sAianCRwIOOdlh6Fi7PgzAlEDGDhNOEOYBe5Pkw6K2zWlJVmvh-MrALatChbieNFXnENgxpQSl-MNejz82C9rSuAvisOMWLcnzzPR_5QRLJjDIOH2DqojP6c0a_FurbnLGNfRZHg458gFGhehsBCG7GvOq4mV1VhB5U9QWDJOp9TUAYEgjktbSE1q7CPv-qbLkChOxjZBLE3JrCsvTGbjr6pZ4m_1EPKZo5q80sze6t4V11EDE6RiZDN4tImtthn8UEqnL0w99ydoILJsi444IeIufDjhk96EHJh1NVHPuW8c5os7KxwecuRMKMT5lIe2-7y0aD5pMrB-sDUrwNxJ2wAVrqu7CtX4tITIQ1XearmhK0s7yO2DSYwhTbNI1OikKqd3zkXsmiPKGXZO_TC9I1BgC5o1koARnVRljYkXtO-uMQvKx2xSZvZeRBwRkR9Vt684m72WvxpD-6TKxXspgfxU2HnaiktiwpMGoU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F0B8 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
1a71cb57-d036-48f2-9b53-f1df80473e63
https://s0.2mdn.net/ Frame 6D81 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/1a71cb57-d036-48f2-9b53-f1df80473e63
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
truncated
/ Frame F02C 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
a2b52c81-bf12-49b5-87a1-55bc9f7af3b6
https://s0.2mdn.net/ Frame 5A78 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/a2b52c81-bf12-49b5-87a1-55bc9f7af3b6
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
gen_204
pagead2.googlesyndication.com/pagead/ Frame E400 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bj2fiSINYZeyiDY-_9u8P1KmLyAcAAAAAOAHgBAI&bg=!-Pul-7TNAAZxrfrxUa07ADQBe5WfOC3skJFO1B8X-DynikXqVzqb7926ROvvK4hdYh0iVrXpClRshNjkTwY288gMsZWfAgAABVtSAAAABWgBB5kC_f56HGClmnTXQTMhsjf77duJGUI1Ygrm0Fh4tScqsx-TW7JmDeZOq0kM3IfNhXynVGxufnPI5EwsOVAJsCZF5niiUclneUnH4ccSDAbGVWeZW4t09gzwP_37vDHz81Tqsv7DuhyHyBZj_PkPzuVJiOH-4-uGcdMrJLxu8pbUFvnX_c2h1kRh9JtEiuIpFFCvDcKZ7dQF8QvicGcGSxIan7ugUv4MMulWv2Fn1XMnlMYSA73PceOLG_Jo7YiyJaJsSMdVMXxfAJj9IBwNc3EhIdF0EVjgzn91hte1caMcD29eEt5LIVSOjZAxVKVwPGbvVs7G6umRB3bH_Ye7CpY_Zos67jcjXbGOt6KtZvZc-cjJsnDicry5EhE-ojh7hWUpyTMQeokaT7CTCNjXkpWgppxz9cMnTBJ7miRFOds5ak50Wmg9850TdkGQhQGie4BdmtZ7MAOaK7Bu_SehpcygiiM1vyMGFdx8YulZrAmfd8TtCzErI6AMF_13ver4QisOQHPGTLTu7-sfJih-dbP5HyRFN0RmQwxXL6I-k6P_-rouN_kWPt4L4gu-hLivWWLkF6TeVh86xBxNLPxkNqkeWdDbcnhNza7LPgCPVMgZ_hX2lFhRLn6fB6P8-y94aNWjxwAaTS3bKEOa_j7xkY8118lNhw4F6nBjCiMBy0itJZOySpSm7K6iCVOkkxS7V2eGKj7B4u3gr2-pb2OxQkNIi4goqA5SMEdMeBGMktotkW3IU0ydzB9ZreZpnrEi0CKRMsEO1I2PpXwyn0WLk33jn17W9HmuYKqkc52j8pBVOrXHSyaE8hjTTfC7fj2KZgBBpNTtXVa_EjFTZVLDbdAedJHg5iBj4oijJxmBHIB6TSr1hAKU-a4mb-nO7fZ12XuwwaQ5bY8FD6gTbF9LA_QMy-JrEzJ8X-fF81cIlNdnrx6tyaHTlBGV-XfGTkihdQB6NwvtAYB08NLlKHiy-4_D1Ec8h2UFSDIqjO-wti3D3UktlFPR6kFTDWVXRoATBQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame FB58 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20%2a%2C-.02ABCDEFGHIMPSTVabcdefghiklmnoprstuvwz%C3%B6%C3%BC%CC%88
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4861987547447820288/CH_DE_Price_Gold-1-ENCH-728x90-638330544809535212-9013d0e8-9e15-487f-a049-f6d6eac29397.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f927ce89e494920f20f9c0d4c8929e2ac47fdc14cc07e6a070b68ea8403fb2d

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 07:15:04 GMT
server
cloudflare
age
871895
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
827f2c4dec7d0204-ZRH
expires
Thu, 07 Nov 2024 07:15:04 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 5DA7 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20.ADEIMPVabcdefghiklmnorstuw%C3%B6%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18180890864186818560/CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e764af89635e0f26e1f0c02115a879bac9a0cbdc83dad944b84b34ce4e842842

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 01:19:52 GMT
server
cloudflare
age
1411607
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
827f2c4dfc8f0204-ZRH
expires
Fri, 01 Nov 2024 01:19:52 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 017E 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20.ADEIMPVabcdefghiklmnorstuw%C3%B6%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18180890864186818560/CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e764af89635e0f26e1f0c02115a879bac9a0cbdc83dad944b84b34ce4e842842

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 01:19:52 GMT
server
cloudflare
age
1411607
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
827f2c4dec7f0204-ZRH
expires
Fri, 01 Nov 2024 01:19:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A49F 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B05aUSYNYZbOvDs6F9u8P_5WRmAcAAAAAOAHgBAI&bg=!goGlgc7NAAZxrfrxUa07ADQBe5WfOGtaFs4kTyKJ4G64NLZ-4hvfjhHpzcWTAkglCSNQgPpnwl7GA7_4PozoQMJgxRToAgAABZVSAAAAA2gBBwoAJBllFm6EzL-a5hUrlZtAP-b2a0SRIPI1i8eXK0VzHgTP-4OAkJkC-T2_cjNWYJUlF8ta5hXleQg0bxlvqcROwaJPkbnQrwwlQFoaohl5xdQYj8vcEL_PodssiXH_yPwpu2f3ST19pCLJeVhvUre6iEAOrohHXt1JqpugNUpxrE70IUUHKOJEcim_GRdHWc1JUzpk3iljzSypweogLJCdJvt9mX7H-MlE46jtyu9KmYcdk0llUxs4a8X-97kZRWs9BFrmHsCd2TZCQJrjBqPYbJJANA-4NkKfB3YgkP7s5jqp5cs_AMeNughyL-GbQ5AwLirm1M9MDFhHK8D8fp2z34NG4rbT6fxZNzImhTcwCTJ3tJ58kk2sfIh10TrOcKQ9mQadmR_uIrTDobYiKuj1sEe91wgNnbaW14Vt-famydtTfTBHt5oqDOYELpRYiYTmIZCnKOjINGtu466X2RbVcOJmoXKa4_bx1kABpySi-2vJvaSc0LzO8UEPvYn6MALn2Z-zCzizCFuhN12YRhUS7JBlx5B7FrVDdFu5j-cp6Dm7M2VGVAl8EeSooSxeYbFJjfMepVUtdtgsEhrgZgpW0NJtC17UuQbmbdbt8nj0oxmwOJtOQaKxqon4nJD60TQiJxlPlca4y61hlaJjlVcwufsR-E0Zmh6rggn7g-7Lro2PC7P2U9n5AYX45myH-ndAHeE6a-ys9FfY3OdV9O8N_PPLoDqDwjjKnt80RjzCeYteqJ1yJ-tK7pcWBytTnxeKQxdfQTJVligSAt6bxYH1uK1ZfTUinEaILeEhLB9Dfz1tu_UhZUKVO7sGqlKo9Dtk8k8yRP5_ZMtXZvHGb5OarGaG6IehNgOGijOOsYuvH6L-jLtLcnYkcbk_B4pTsV2s-Xq9RBrVvnh8uWXoygv066WDjIXFuyAimO3n82-R6wEitlN_Lkztggs2s0eZ2IhLfoDIZLvdRoVLTgxKoXWXIHz-FNyv9V70wESZXxI7MjDUAUw7e0EAbfnmm4iuvUo2GHc5Ev1PQLkDbKSyo_PxBkT6mppMl4RZW1J5m-AHUMog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F44B 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
b6137fc8-12d7-4db3-97ab-4d47eadd977f
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/ Frame 7980 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/b6137fc8-12d7-4db3-97ab-4d47eadd977f
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame 20F0 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20.ADEIMPSVabcdefghiklmnoprstuw%C3%B6%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403473053583933440/CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9eb978002bae2394b1dc55bd5d7c008fe063b54a2fef9d464fc2ab09c87c02c

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 02:15:53 GMT
server
cloudflare
age
889846
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
827f2c4dfc850204-ZRH
expires
Thu, 07 Nov 2024 02:15:53 GMT
font
c.bannerflow.net/fs/api/v2/ Frame F0B8 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20.ADEIMPSVabcdefghiklmnoprstuw%C3%B6%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403473053583933440/CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9eb978002bae2394b1dc55bd5d7c008fe063b54a2fef9d464fc2ab09c87c02c

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 02:15:53 GMT
server
cloudflare
age
889846
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
827f2c4dfc890204-ZRH
expires
Thu, 07 Nov 2024 02:15:53 GMT
bframe
www.google.com/recaptcha/api2/ Frame 26C7 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
0655eb765e4ca1907a3a264e8623001bac8a3bac2db2f464cac829cf82724df4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-45OhkyGr6BziUnSF7p1Fww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-45OhkyGr6BziUnSF7p1Fww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2FC 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BeaveSYNYZbHSBY_B9u8P4tuWoAEAAAAAOAHgBAI&bg=!d3SldDvNAAZxrfrxUa07ADQBe5WfOJmFiCqXA3hj3co1rnFCofcrB8UJpqDnj_zO1MdFCpJooqSUma_Q3QGzgD9SgkFPAgAABjJSAAAABGgBBwoAGt7QGORky_HQsYDv1snyFrmkAywKuN_we_r8mQMFUcZZy9xIKiusiJCT50QlXH02JOAIeBZAJ10cZynlDhpS-Pj-n8wbgMmqHHgIxzYZ2EfAR-maqt9A8gd-IqWZ42AjxTRvwOJmaqRHD4lCeJZGpazX9CdcEGO8Iq0Mno23QfupO62Hc84k7RN_1P5CMf7MM8CbmtMi4Yvy_mCk5I3gEOk9zgj0-o0LCzfiFsgPJmsycb-qdiTqtINe7xDyzaT1g6hkLqpOwGcVYJW1c-FwdKbTYcf1gNNgdNc3c4G67eodKCtXd10_pfaIxAXMMQRQnxZupgWPJmzlt3BEUOdW-UZp4RH1A4rb-bh4o_jXI1Jm_iQ7ncXdRDSSxMCYHbHb5w2W1LvCdEkXJLel3qN7neUyEipZ7WN72C49-cu8sd8WvLMyWgz-TCqdBEzHgnxUlMRM752ptjtttbu9vnvgKNvXx1JZDslpOpwQiSgCwBT75y1VrmUpRmNyHktcAL6tE3PyUj_Jqu7fSbGaWn0QU_96xDBU-wkmGvoGcwcGvo8gmdeEk6LfKyyOBVKK-RLaX3OmiAtXZnNp4XEpvMQw_Xj3iC6ShHYL9WCiV1G5tVpqP--bE2N1zAL4ITdSIcjN-GdL_AKEO17M8uUG3N3KV4dBflcW37M43zO-b2WQRrIU9PmUzCSIphba8kdJEtmuDAzl038ojq8rr_6DNze-MEmwsr-jVeRRjPzs8ErrguBafGJjVwxlhX48zDPOQH3mnExxORlWrLWoWtMiUBiwqbxqIyzwfH-93nFWaEyk2-NFVVKWtavFdEN_GDL_V4qyu7nyiHppQdd-nXZ0q2aADqb8iZZ5GltHb25S9Vp6KQdqvnLqRM_27IeTlsMDKovfrZaBRtknZGkUeRev3ea5BL7E-3u4clyxjpvrFOetPjnQxKudpDQa-XFOIIRySry8Yjc0FsjnbGnr110DLcqYgn62Buj0YPoe9K_he9Vqd6no2PHz8gWrsfbAeAACS-Xvk3Np4rhHneinxFJn5MORVMl-8ZBHNtanBjB3corWlewZAXY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame F02C 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%0A%20.057DLPRSTUabcdefghiklmnoprstuvxy
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17177723152520708096/CH-EN_CFD_Price-1-Singapore-728x90-638326037557461764-6116462f-2685-4f3a-a48c-89017f79f1b9.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef7b7161ce4bc7a075f56c2508f955ab0f5a8d3df483c4adede3465b74f4d8e7

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Nov 2023 12:45:18 GMT
server
cloudflare
age
1456881
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
827f2c4dfc8a0204-ZRH
expires
Thu, 31 Oct 2024 12:45:18 GMT
truncated
/ Frame 408C 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
7046f908-de65-4872-8fc8-2c26315ccfd4
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/ Frame BB5A 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/7046f908-de65-4872-8fc8-2c26315ccfd4
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
activeview
pagead2.googlesyndication.com/pcs/ Frame AFD5 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4I5ZDor8UfoOeUotunqYu_MHb7B5gWHpKpTTRS_n7S7bqMKA0DqhEmSxCKQE68bjDV_EK-rgHW8XYFI-iXgehK0SJI6sFSz9I_FNTd9A9PuQbRPP-TLKaFM7W&sig=Cg0ArKJSzH3ZV36-c15_EAE&id=lidar2&mcvt=1133&p=0,0,600,300&mtos=1133,1133,1133,1133,1133&tos=1133,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700299592567&rpt=5100&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9F1B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
4414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 08:13:04 GMT
expires
Sun, 17 Nov 2024 08:13:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5FFD 		829 B
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
5dd2933630b679eccd953acfabd5bf163c48bcf173680c3962315af19a3802f1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VPjkjVhSpue-qSomsrrXUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-VPjkjVhSpue-qSomsrrXUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 09:26:38 GMT
expires
Sat, 18 Nov 2023 09:26:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame C48E 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9619042708276&version=m202309260101&ct=77&x=1&cor=1507710450055740000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 26C7 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 00:50:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 00:50:05 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 26C7 		468 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 07:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192023
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 07:57:17 GMT
font
c.bannerflow.net/fs/api/v2/ Frame F44B 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2Ffec4b1c4-7cd9-4321-ad22-80365d190a23.woff&t=%20%2B.18Baegilnoprstuvw%7C
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35be51918e9d559881a704e6bcf60f95f14f5fbfb826b2be9216e754d23b832

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 00:16:52 GMT
server
cloudflare
age
896987
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=fec4b1c4-7cd9-4321-ad22-80365d190a23-subset.woff
cf-ray
827f2c4dfc8c0204-ZRH
expires
Thu, 07 Nov 2024 00:16:52 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 408C 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2Ffec4b1c4-7cd9-4321-ad22-80365d190a23.woff&t=%20%2B.18Baegilnoprstuvw%7C
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35be51918e9d559881a704e6bcf60f95f14f5fbfb826b2be9216e754d23b832

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 00:16:52 GMT
server
cloudflare
age
896987
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=fec4b1c4-7cd9-4321-ad22-80365d190a23-subset.woff
cf-ray
827f2c4dfc8d0204-ZRH
expires
Thu, 07 Nov 2024 00:16:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E2E 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHVdJSoNYZdX2Meq89u8Pm7uFuAIAAAAAOAHgBAI&bg=!0dKl0p3NAAZxrfrxUa07ADQBe5WfOAprOOWRi87QlQr4x-e0-tvgxuAWcNp8CAE5hdiXIvZg87qpyQG4JL2G_2P12FciAgAABNVSAAAAA2gBB5kC-A95RhipuneSPeCih7R9kTy5_gi7t3uFUM9yNiPdIFzJ9y2z7jekxC2cltW5L5V_Zd0t4Z5zRn15dxoSsn8UElVJfTcGg7ZwuTlBqRHI_y5C9IlJRGTFhReCTdlw2XBTbGRqb0NFmu-iH9q8SZSeTvaiWScQo_82oSRPO6eMiDNaBSyX6yCKA6NYn5pVzqm_N2h0Pv41_Nm7ZgTYV6kUW_K5BnUvwTI5D14pniIMbqSEXWvB3h4LtSk7xnBIUzUrJTNkoxgzQfwKmN3SIGNB5iEaSq-674FH7nNdJ1d9MD0BC17lMA9CGgN9b1r8qUoZ5IHF8d5DCHfBtjvcbcyuuGJ4pDBT42U67JMbdhKcUCA-5ZDPuVyjqBg8hagcuKr-3y1w2zhArqjM78rY-HpV2l97cJ9fKpy0r65jp__wiMm9NECp2-SIq09-vE_fO1Rl8GAxV5S7tDZTmdajBM2QlBU40WoehNdTaqZpDqqxP5cGZ3KL3nH88_YaFqPHEGHCf1LESILdHsZT-dL-od0mYbAg-UqIUA2r1kOECUQB1eGvpOWJ9cj4N5sIZ1MeU_mz6z-svzngQQF_v3Jrb4V4p7hjCL6sE4MPawgiXJXjZrrL49Fgd3Oaz2zDwqwo4sDRPImsiO2SOW52j-JLRNYWbzh6P-YVGAyOcyjs7RtCeRdLV5ZFjZyXOr2ckU_UaJDcsn2TfclE1D595wZge3XnOd0GsWiO8ilwXcYrErK4kShq7lI-RT_5DS0RUxXY-IrEzLMmbWcVkR0nQi15KEaSj7AYLLaN41eqjxpBzUg3I9MeSUuz-lqj1r9atYZKwLdqa7YyzaHBoF6FuylI1EJ9IFZqTPd5sxqDNOWdAg0IDAPseBypSJVGbyGd55K-YWuZ0F_7x9-H27VfBoGz4xHlGsL7I3kz8ZYCEpW8lobBqrgIB739q6m_j2mIedhxgH60JjE_Y3U1phSG1rseseZc5MaCUCNH6GVWMymBWZEbTScXebUWmRqoaOE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 0461 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
1e783f53-b502-4586-9ae1-007c7c9f4817
https://s0.2mdn.net/ Frame 57EA 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/1e783f53-b502-4586-9ae1-007c7c9f4817
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~lp3uh73k&c=4076639824696142&e=31079673%2C31079657%2C31061691%2C31061692&ctx=1&met.3=416.7p0~416.7ur~416.7wj~416.7xg~413.87u_1~416.87y~416.881~416.88k~413.8dw~413.8ep~413.8fk~416.8hs~413.8j3~413.8j8~413.8jl~413.8os~415.8xd~416.8ye~417.91h~415.925~415.93a~415.94b~417.94y~415.95x~417.971~419.977~417.97d~415.97y~415.996~417.99b~415.9f2~417.9fk~413.9g2~417.9hk~419.9hq~417.9kd~415.9wt~417.a46~415.ak2~113.aql_6&met.9=6_28.8xd~6_4.925~6_66.93a~6_15.94b~6_10.95x~6_45.97y~6_55.996~6_6.9f2~6_79.9wt~6_21.ak2&met.1=1.lp3ugyct~6.a7~7.a7~8.a7~9.a7~10.a7~12.a9~13.mm~14.mt~15.mp~16.1jn~17.1jn~18.1js~19.bw5~20.bw5~21.bw8~22.23w~23.23w
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5FFD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=4076639824696142&rc=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
font
c.bannerflow.net/fs/api/v2/ Frame 0461 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%0A%20.LOTUabcdefghiklmnoprstuvwxy
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/878616523147575296/CH-EN_Options_Core_Messaging-1-Global-300x600-638325444140859338-7a0e12a8-cfa6-4117-9cfc-18a44ed9c9bc.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d124bd043766509cef9f2a01ea70c2aba566ff4774dc18ef519ce4223e705ee3

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 05:30:02 GMT
server
cloudflare
age
1396597
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff
cf-ray
827f2c4dfc8e0204-ZRH
expires
Fri, 01 Nov 2024 05:30:02 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 9F1B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
58621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:09:38 GMT
font
c.bannerflow.net/fs/api/v2/ Frame FB58 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20Kefnort%C3%B6%CC%88
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4861987547447820288/CH_DE_Price_Gold-1-ENCH-728x90-638330544809535212-9013d0e8-9e15-487f-a049-f6d6eac29397.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccbc19aee4d008d9c3c70a74c2f51937bd927db8e572db4a406b4368180a7d2

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 02:56:09 GMT
server
cloudflare
age
1405830
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
827f2c4e4d3b0204-ZRH
expires
Fri, 01 Nov 2024 02:56:09 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 017E 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20CFMOSXadeilnoprstwy
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18180890864186818560/CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c257238860257a413e21387c206c3f9875c8d5cb02323cc076d57825a5a1aeed

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2023 06:18:04 GMT
server
cloudflare
age
1566515
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
827f2c4e4d3d0204-ZRH
expires
Wed, 30 Oct 2024 06:18:04 GMT
font
c.bannerflow.net/fs/api/v2/ Frame F0B8 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20AIPRTWadefghiklmnoprstuz%C3%A4%C3%B6
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403473053583933440/CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96cfca84d103bace221aa5de8286adf52d69cb0a81e61efde4e6322bc4e860e6

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 02:00:30 GMT
server
cloudflare
age
1409169
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
827f2c4e4d420204-ZRH
expires
Fri, 01 Nov 2024 02:00:30 GMT
font
c.bannerflow.net/fs/api/v2/ Frame F44B 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2F0e4550a5-b612-44e0-a5e0-84c7ccfbd43f.woff&t=%20EIJLNPSTZ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b19b4686e33b355a3ae3b97fff7d7f349e922ee1f28816899f69b9d55578ba89

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 03:28:09 GMT
server
cloudflare
age
1403910
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0e4550a5-b612-44e0-a5e0-84c7ccfbd43f-subset.woff
cf-ray
827f2c4e4d430204-ZRH
expires
Fri, 01 Nov 2024 03:28:09 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 20F0 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20AIPRTWadefghiklmnoprstuz%C3%A4%C3%B6
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403473053583933440/CH-DE_Options_Product_Range-1-DECH-728x90-638330546660072439-8f797ce9-0fac-42dc-a7b3-b732475546d3.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96cfca84d103bace221aa5de8286adf52d69cb0a81e61efde4e6322bc4e860e6

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 02:00:30 GMT
server
cloudflare
age
1409169
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
827f2c4e4d470204-ZRH
expires
Fri, 01 Nov 2024 02:00:30 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 408C 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2F0e4550a5-b612-44e0-a5e0-84c7ccfbd43f.woff&t=%20EIJLNPSTZ
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b19b4686e33b355a3ae3b97fff7d7f349e922ee1f28816899f69b9d55578ba89

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 03:28:09 GMT
server
cloudflare
age
1403910
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0e4550a5-b612-44e0-a5e0-84c7ccfbd43f-subset.woff
cf-ray
827f2c4e4d480204-ZRH
expires
Fri, 01 Nov 2024 03:28:09 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 0461 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%0A%20.OTUadefgiknoprstuwy
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/878616523147575296/CH-EN_Options_Core_Messaging-1-Global-300x600-638325444140859338-7a0e12a8-cfa6-4117-9cfc-18a44ed9c9bc.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d4ed528b2668b4a7b7cf6504168965a4865f5a1194944d1aa421a25023a771

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 07:17:19 GMT
server
cloudflare
age
871760
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
827f2c4e4d490204-ZRH
expires
Thu, 07 Nov 2024 07:17:19 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 5DA7 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20CFMOSXadeilnoprstwy
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18180890864186818560/CH-DE_FX_Productrange-2-DECH-728x90-638330545160052832-df08ecc5-0d94-4367-9809-0dfd7fcec4ca.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c257238860257a413e21387c206c3f9875c8d5cb02323cc076d57825a5a1aeed

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2023 06:18:04 GMT
server
cloudflare
age
1566515
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
827f2c4e4d4a0204-ZRH
expires
Wed, 30 Oct 2024 06:18:04 GMT
font
c.bannerflow.net/fs/api/v2/ Frame F02C 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20Oacenoptu
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17177723152520708096/CH-EN_CFD_Price-1-Singapore-728x90-638326037557461764-6116462f-2685-4f3a-a48c-89017f79f1b9.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b04f31bb1731eaf9401a6633c37f2f33959383fc0e08bfbae6476a693ac82e8

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 04:29:35 GMT
server
cloudflare
age
881824
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff
cf-ray
827f2c4e6d630204-ZRH
expires
Thu, 07 Nov 2024 04:29:35 GMT
021777fe-341b-416a-97a2-eb2576dc6474.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame F5AF 		205 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/021777fe-341b-416a-97a2-eb2576dc6474.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb10b5a2cb6055872cb8130282367a591dd1dc5ed296d69398582d6034870a95

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
zS+vYkrSP7hxgCQn7kIbEQ==
age
1764
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 10:04:50 GMT
server
cloudflare
etag
W/"0x8DADCF178F32AE4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a05c3fa4-201e-0038-1576-0c49e6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4ecd9224c4-ZRH
optimize
c.bannerflow.net/io/api/image/ Frame F5AF 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F99c15807-5466-444a-9da3-29e78c43d238.png&w=320&h=419&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c7446a8d736c678fbe101311e91becfd7087ee25c7ff33137cddbf625e4d93d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 08:16:56 GMT
api-supported-versions
2.0
server
cloudflare
age
4183
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c4ecd9424c4-ZRH
content-length
41820
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame F5AF 		217 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
1765
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0e798492-101e-006e-6cf6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4ecd9624c4-ZRH
56b6779b-5131-4891-a2ff-8ab4f55dc4c4.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame F5AF 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/56b6779b-5131-4891-a2ff-8ab4f55dc4c4.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e197368871cd4061fa33bf5b1aef8a02b73575144963e6e930d35b7186190d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
4OwxmLD3WpKVbCNL8a+B+w==
age
2283
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 10:19:31 GMT
server
cloudflare
etag
W/"0x8DADCF38623156A"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
05bf2122-d01e-0013-40d8-11f1df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4ecd9724c4-ZRH
80fc0aab-e7e6-4d72-b960-441a4375ea21.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame F5AF 		193 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/80fc0aab-e7e6-4d72-b960-441a4375ea21.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096b029c8f65acc4691e0f6c4c6d1d3a049e3dab8754d2c2444a1e9612c8ff6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3+uFcu57O0ahuU2l4f2hSA==
age
3078
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 08:29:47 GMT
server
cloudflare
etag
W/"0x8DADDAD5C1FCC00"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f9ad98e9-d01e-0003-2b63-0d0c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4ecd9b24c4-ZRH
5f0cc027-74c7-49d1-9005-00c789919828.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame F5AF 		158 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/5f0cc027-74c7-49d1-9005-00c789919828.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d37d5154f46e118abb3adead8557c6094198e959b823fdd29aa224aa90ab87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
dnEdZ6svKhXcW8lZfJOunQ==
age
3078
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 08:22:57 GMT
server
cloudflare
etag
W/"0x8DADDAC67FF25A8"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a4d916a2-701e-0057-5d90-0c4315000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4ecd9e24c4-ZRH
c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame F5AF 		151 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w+egTtB742SWTpq1qkS5Mw==
age
1765
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 11:43:57 GMT
server
cloudflare
etag
W/"0x8DADCFF51C6E2BD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7dc9cd2-701e-0025-1590-0c445a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4eddc824c4-ZRH
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame BB69 		217 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
1765
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0e798492-101e-006e-6cf6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4eddcb24c4-ZRH
c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame BB69 		151 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w+egTtB742SWTpq1qkS5Mw==
age
1765
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 11:43:57 GMT
server
cloudflare
etag
W/"0x8DADCFF51C6E2BD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7dc9cd2-701e-0025-1590-0c445a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4eddd424c4-ZRH
064f98af-9ba7-4244-940f-43207ce3a2fb.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame BB69 		272 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/064f98af-9ba7-4244-940f-43207ce3a2fb.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
C50rliIMDPE8SiFZGvsxQQ==
age
1457
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:52:58 GMT
server
cloudflare
etag
W/"0x8DADDE2E4532F74"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f9ae2d66-d01e-0003-3464-0d0c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4efe0f24c4-ZRH
d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame BB69 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
o8BlfxpL6pDvDJmSY4p8ew==
age
1457
x-ms-lease-status
unlocked
last-modified
Wed, 05 Oct 2022 10:56:08 GMT
server
cloudflare
etag
W/"0x8DAA6C03538AA86"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
09f81f85-401e-004c-0aa7-0c7d16000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4efe1124c4-ZRH
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 34FC 		217 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
1765
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0e798492-101e-006e-6cf6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4efe1224c4-ZRH
064f98af-9ba7-4244-940f-43207ce3a2fb.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 34FC 		272 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/064f98af-9ba7-4244-940f-43207ce3a2fb.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
C50rliIMDPE8SiFZGvsxQQ==
age
1457
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:52:58 GMT
server
cloudflare
etag
W/"0x8DADDE2E4532F74"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f9ae2d66-d01e-0003-3464-0d0c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4efe1324c4-ZRH
d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 34FC 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
o8BlfxpL6pDvDJmSY4p8ew==
age
1457
x-ms-lease-status
unlocked
last-modified
Wed, 05 Oct 2022 10:56:08 GMT
server
cloudflare
etag
W/"0x8DAA6C03538AA86"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
09f81f85-401e-004c-0aa7-0c7d16000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4f1e4524c4-ZRH
c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 34FC 		151 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w+egTtB742SWTpq1qkS5Mw==
age
1765
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 11:43:57 GMT
server
cloudflare
etag
W/"0x8DADCFF51C6E2BD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7dc9cd2-701e-0025-1590-0c445a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4f1e4624c4-ZRH
7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 34FC 		361 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
RUbP+sQxMgp/o5unKdEvSg==
age
1344
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 12:36:07 GMT
server
cloudflare
etag
W/"0x8DADD069B8C58B6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f1c0ed91-701e-009c-372f-0d4040000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4f1e4a24c4-ZRH
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 24DE 		217 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
1765
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0e798492-101e-006e-6cf6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4f2e7c24c4-ZRH
064f98af-9ba7-4244-940f-43207ce3a2fb.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 24DE 		272 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/064f98af-9ba7-4244-940f-43207ce3a2fb.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
C50rliIMDPE8SiFZGvsxQQ==
age
1457
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:52:58 GMT
server
cloudflare
etag
W/"0x8DADDE2E4532F74"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f9ae2d66-d01e-0003-3464-0d0c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4f2e8124c4-ZRH
d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 24DE 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
o8BlfxpL6pDvDJmSY4p8ew==
age
1457
x-ms-lease-status
unlocked
last-modified
Wed, 05 Oct 2022 10:56:08 GMT
server
cloudflare
etag
W/"0x8DAA6C03538AA86"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
09f81f85-401e-004c-0aa7-0c7d16000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4f2e8524c4-ZRH
c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 24DE 		151 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.0d17da23618f24b974cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w+egTtB742SWTpq1qkS5Mw==
age
1765
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 11:43:57 GMT
server
cloudflare
etag
W/"0x8DADCFF51C6E2BD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7dc9cd2-701e-0025-1590-0c445a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4f2e8624c4-ZRH
font
c.bannerflow.net/fs/api/v2/ Frame F44B 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2Fe08944b7-36a2-4020-a8ca-b77ea636c8e8.woff&t=%0A%20%25%2B0125CFHSbisuz%C2%A0
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a95fbcb656330c53db4bd4098df6d59904e80c7dd4e6764c262cd16b4a3f7ca0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 01:34:31 GMT
server
cloudflare
age
805928
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=e08944b7-36a2-4020-a8ca-b77ea636c8e8-subset.woff
cf-ray
827f2c4f6f190204-ZRH
expires
Fri, 08 Nov 2024 01:34:31 GMT
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 5543 		217 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
1765
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0e798492-101e-006e-6cf6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4f6f0f24c4-ZRH
7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 5543 		361 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
RUbP+sQxMgp/o5unKdEvSg==
age
1344
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 12:36:07 GMT
server
cloudflare
etag
W/"0x8DADD069B8C58B6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f1c0ed91-701e-009c-372f-0d4040000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4f8f4b24c4-ZRH
optimize
c.bannerflow.net/io/api/image/ Frame 5543 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F9f0ed779-182e-4c28-adce-8e9c63d05cba.png&w=218&h=226&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d7b040cf2fefc51059b1ab5ae11b5a4c405b3ccd7f4b4e8c9d6d4a862b5cfb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 23:05:29 GMT
api-supported-versions
2.0
server
cloudflare
age
37270
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c4f8f4e24c4-ZRH
content-length
1706
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
301871cb-4ee2-47fb-a505-d8a1e2677930.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 5543 		152 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/301871cb-4ee2-47fb-a505-d8a1e2677930.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307279644d7cf64dc9ee86371da7a27bb581695aeef145df65476f1f0364b990

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lx/tqoPhxe1djqV9/qEdwQ==
age
1326
x-ms-lease-status
unlocked
last-modified
Tue, 27 Sep 2022 13:23:17 GMT
server
cloudflare
etag
W/"0x8DAA08B70B1F9D9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8e0cfec6-801e-0088-1599-0c082f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c4f8f4f24c4-ZRH
optimize
c.bannerflow.net/io/api/image/ Frame 5543 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2Fd3bc406b-e9da-4faa-b2a9-03d21dd7d364.png&w=85&h=38&q=99&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c7785fdc4ab8fa954fd4a715d66b9dd51874f282077751a224ce75573db8a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 23:05:29 GMT
api-supported-versions
2.0
server
cloudflare
age
37270
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c4f8f5024c4-ZRH
content-length
1808
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:39 GMT
x-amzn-RequestId
dff8e820-1dcf-41a9-822a-6daf0819aea2
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
fc64ed146d4fd9d6acb7632e950a7cf296a9d108e601c4a5418dc60e1e6e18f1

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=0b798ddbc00ed5bd3c2c2306d8d0dd593131c1b5a1cbf40cfe5ab6d959a0bb33
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
cb4956a145b38bc4ff2c98a5fc2afc2cae40164420200d9719185baf1df6c391
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092639Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:39 GMT
x-amzn-RequestId
c092e42c-e20a-3cdb-9d40-61a3f7dcd3d0
Content-Length
133
x-amz-id-2
sOJKQCPmy5uLPdI9ELQUNRqisawVuwIFb6tUKvLbXaqkU8P5Ua9YwctLeUaz353FxLlnEqqE85Vw+kkuDs6IQC9esK3vSCsW
Content-Type
application/x-amz-json-1.1
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame 8549 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
573
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9b9e65c1-b01e-0066-41e7-115d22000000
x-ms-version
2014-02-14
cf-ray
827f2c52480f020d-ZRH
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame B702 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
573
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9b9e65c1-b01e-0066-41e7-115d22000000
x-ms-version
2014-02-14
cf-ray
827f2c52480c020d-ZRH
lottie.min.js
shared.bannerflow.com/libs/lottie/ Frame 01FC 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shared.bannerflow.com/libs/lottie/lottie.min.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3jN+4HvsftV/jNd4P/RFbA==
age
573
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 03 Dec 2019 09:22:06 GMT
server
cloudflare
etag
W/"0x8D777D243C9FCFD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9b9e65c1-b01e-0066-41e7-115d22000000
x-ms-version
2014-02-14
cf-ray
827f2c524810020d-ZRH
font
c.bannerflow.net/fs/api/v2/ Frame 408C 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2Fe08944b7-36a2-4020-a8ca-b77ea636c8e8.woff&t=%0A%20%25%2B0125CFHSbisuz%C2%A0
Requested by
Host: fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
URL: https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a95fbcb656330c53db4bd4098df6d59904e80c7dd4e6764c262cd16b4a3f7ca0

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 01:34:31 GMT
server
cloudflare
age
805928
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=e08944b7-36a2-4020-a8ca-b77ea636c8e8-subset.woff
cf-ray
827f2c50084e0204-ZRH
expires
Fri, 08 Nov 2024 01:34:31 GMT
9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 2762 		217 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/9385cbed-00ad-4793-94f1-014c2e89e9b8.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jWK2YKDGtOC5ylmcMWhtkw==
age
1765
x-ms-lease-status
unlocked
last-modified
Thu, 22 Sep 2022 09:21:09 GMT
server
cloudflare
etag
W/"0x8DA9C7BC8F9699C"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0e798492-101e-006e-6cf6-1180fc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c50087924c4-ZRH
064f98af-9ba7-4244-940f-43207ce3a2fb.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 2762 		272 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/064f98af-9ba7-4244-940f-43207ce3a2fb.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
C50rliIMDPE8SiFZGvsxQQ==
age
1457
x-ms-lease-status
unlocked
last-modified
Wed, 14 Dec 2022 14:52:58 GMT
server
cloudflare
etag
W/"0x8DADDE2E4532F74"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f9ae2d66-d01e-0003-3464-0d0c42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c5028a224c4-ZRH
7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 2762 		361 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
RUbP+sQxMgp/o5unKdEvSg==
age
1344
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 12:36:07 GMT
server
cloudflare
etag
W/"0x8DADD069B8C58B6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f1c0ed91-701e-009c-372f-0d4040000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c5028a624c4-ZRH
d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 2762 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/d6a4e0be-dff8-41be-ba0e-a1e6185b7d2e.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
o8BlfxpL6pDvDJmSY4p8ew==
age
1457
x-ms-lease-status
unlocked
last-modified
Wed, 05 Oct 2022 10:56:08 GMT
server
cloudflare
etag
W/"0x8DAA6C03538AA86"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
09f81f85-401e-004c-0aa7-0c7d16000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c5028a824c4-ZRH
c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 2762 		151 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c2f6d710-3a0d-40d3-a375-4220db4191bd.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.3ffa494819a31ca28da5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
w+egTtB742SWTpq1qkS5Mw==
age
1765
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 11:43:57 GMT
server
cloudflare
etag
W/"0x8DADCFF51C6E2BD"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e7dc9cd2-701e-0025-1590-0c445a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c5028ab24c4-ZRH
optimize
c.bannerflow.net/io/api/image/ Frame AFAC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F9f0ed779-182e-4c28-adce-8e9c63d05cba.png&w=218&h=226&q=99&f=webp&rt=contain
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d7b040cf2fefc51059b1ab5ae11b5a4c405b3ccd7f4b4e8c9d6d4a862b5cfb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 23:05:29 GMT
api-supported-versions
2.0
server
cloudflare
age
37270
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c5038e024c4-ZRH
content-length
1706
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
301871cb-4ee2-47fb-a505-d8a1e2677930.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame AFAC 		152 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/301871cb-4ee2-47fb-a505-d8a1e2677930.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
307279644d7cf64dc9ee86371da7a27bb581695aeef145df65476f1f0364b990

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lx/tqoPhxe1djqV9/qEdwQ==
age
1326
x-ms-lease-status
unlocked
last-modified
Tue, 27 Sep 2022 13:23:17 GMT
server
cloudflare
etag
W/"0x8DAA08B70B1F9D9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
8e0cfec6-801e-0088-1599-0c082f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c5038e124c4-ZRH
optimize
c.bannerflow.net/io/api/image/ Frame AFAC 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2Fd3bc406b-e9da-4faa-b2a9-03d21dd7d364.png&w=85&h=38&q=99&f=webp&rt=contain
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c7785fdc4ab8fa954fd4a715d66b9dd51874f282077751a224ce75573db8a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Nov 2023 23:05:29 GMT
api-supported-versions
2.0
server
cloudflare
age
37270
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c5038e324c4-ZRH
content-length
1808
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame AFAC 		361 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/7d56cabf-5616-4f5c-98e3-0898795d6f2c.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
RUbP+sQxMgp/o5unKdEvSg==
age
1344
x-ms-lease-status
unlocked
last-modified
Tue, 13 Dec 2022 12:36:07 GMT
server
cloudflare
etag
W/"0x8DADD069B8C58B6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f1c0ed91-701e-009c-372f-0d4040000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c5038e424c4-ZRH
c7781a9a-8fca-42c4-b6c4-638f8d6b150e.svg
c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame AFAC 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c7781a9a-8fca-42c4-b6c4-638f8d6b150e.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8c9d6fad56b5dd992e450f958e6466d452bde7b6fe58cd21aa83c65c49e52ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
w6HfJNCQVE+3MWOUWEpPJw==
x-ms-lease-status
unlocked
last-modified
Mon, 14 Dec 2020 20:05:35 GMT
server
cloudflare
etag
W/"0x8D8A06B9EBD4DA5"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
dc916197-601e-0074-3048-0dd9d6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c5038e524c4-ZRH
Saxo_AO_FX_Mobile_6Screens_1-595dffe281e44ac59f6b6cbf6e90b15a.webm
c.bannerflow.net/bf-videos/6305e2467f19035908ad8e22/ Frame E4A5 		429 KB
430 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/bf-videos/6305e2467f19035908ad8e22/Saxo_AO_FX_Mobile_6Screens_1-595dffe281e44ac59f6b6cbf6e90b15a.webm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fcb443cc472a6b6913f37de8b9c8698249114cc46f2130f23531f360666d1f8

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
content-md5
YugJ1fUFyi7xa62/2W9Ocw==
age
1386
x-ms-server-encrypted
true
Content-Range
bytes 0-439142/439143
Content-Length
439143
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Tue, 14 Feb 2023 10:43:40 GMT
last-modified
Tue, 14 Feb 2023 10:43:40 GMT
server
cloudflare
etag
"0x8DB0E7855D6589C"
vary
Accept-Encoding
content-type
video/webm
access-control-allow-origin
*
x-ms-request-id
0d8490cf-f01e-0009-7dfc-110484000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2020-06-12
cf-ray
827f2c50693224c4-ZRH
/
c.bannerflow.net/tr/v2/pixel/ Frame FB58 		0
81 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d25f2843eb9eeda767251?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu0SfDSRm9QKTl3QIJtXssZusSkWj6_H7O6sSlQWQV8Vb5sJzGthOimRkEyuooQf3oRdBZnuZBXldTvMR5jK59oCeam5wwJEaFmHbx5JCpMohvWlomzBfQa5t7fE3FOU-kZuk7qfT1NNQTGnNYSHcZgqbnqPJ5RZZx5AZus8M-HPKGTTfFA3Y47D019zps9sR8gOjTijTE0WWwJXHXd12K3FfXEzmSUwVc6e9Y1jUdPh_l5TzBoND2E5hnbkFpMJnCBMvcX6S5WJYPBF58oxlcb_V2DaEdRqmBD1AioF2lr25xBgedPEqYu7Cw1_iKV9wHiwSn9wo5XxlkHYy5Fa0Fjg6tuKtGJxC7MwGLfdF6mwohnpEs5LoscoZ4J36P4pW6IfSZ3BoOhBPFe9_bf3oOZVh8bYDBpD2YCC0KrsKoj5g20YAeEzvoNNEEm8NEXReuVIOAWJCbuZJjfRBTSgPQiG8FPRQK3mZQzdmnVrwKobYFdLkIYe7IjJfxzMoNGhGR2eDx9N7q5mZegsbm8-4kkyU7xLFVGst_Y_Wj2pH3lsuiNWPVzWfmzI2NED-1KZ-P_XoWID1xK1w7V-_6PHeLGAQgV544Gpe5RF045hH45Nmz1n_G0OCvR42aiXCpkp0viMIIUPSax7zSHPFvEZTAe1WH_VP0iIoWZHejNRiqHL4QNz4NNEvDDFRDmAMdCxTKBr6OxKEtWDgNHQnk7mrYuxFDc43G9CJBvFYhFc90CFlsq_C3iXChNg4gAQa_acohKq-M1ljGqvljoDoDGAsa-uSzukDxqeFIDKvHm02NwvnvCh1oGqPA4q-0EL_fGK2O4et-agbtA3l5aKqNuXKlfHuGi7CsPou4mS362wVDZGQp5Ac7vcrghhXUoq2ytkn0P79F0IqSQsI5qKKMAbk02I4Ru1MOkNuTbAOSgd9LHC6erWKvOJJ1pAxwFLKYLkKB8sfjz4QZjRd4piL9B0adloYNCz2anKIkUuMjqxC7u6VZ3_r542fcPY15iCesCXdQbRXkg4tFHicyRLASLrLsL17IByz_BabhAwNESXKv94IxUpMtiRt1fZrY1L1fi2sOs32Fr2iJoOmY3T7wZ5XsGznzqbru9dF-yuyZCj6ntIYICc9GUMhqawO1iFSYgyU_s6pu6w27HkZsQlD6orHD1gpMLQlIt6eWeTsmhYGMPtAwSiJUOhZdnWnY1NbCCGkR19tgPpyvp_dw6dwAgeFt1pAumW8bF7Nti2LI2Y811SGWa4w_SaPq71idOJF5km6E87FZvCYtXhg6px_KVVnS39CGN4azxYQFQkSsb45gM4JSf0VZ0_PaHdyLkgJ4Wvd2fiNHlGrQ0d4UaFEU133svSBTLmnA-gTHw9j-A5DJVCSZn66ED-LNgzcyZN6EWUVQTkpvocRRnOoSYF2v6FnB6CxPnVLDTMlq8XH3boFjsJDX4gAloKODxoXsg9gRuql0k-qQqjaoyp5U%26sai%3DAMfl-YS3SXYB1GeofkiCIGQZK0RL9XB4KirW_zCpFP8m4e-0QmgjDxJKq1f5SbBMgx_bkK6FAflBDRXoE9l-Q9g1CKDCukZh-W7tDeSPOHv_V9RP8RCs5Hvv-wxOPkh-VqTqn3dwKzS2HyXx9v9jsMfQ8YoFjTxQVehg-TMhAUlXfKHU5WQ7w5T2JwqHQ-vHTIarmBgyZEyEWbfRzVX_F2S1sx8Ac36Cn7ptLkKKtrOl-zBOaAnlTwnhOLykcuMLYVkNSfhaOfRjwrlNmzUnlkaIXytw1F-WeplF%26sig%3DCg0ArKJSzI5O3KpS2tm6EAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fcampaigns%252Ftrading-gold%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827f2c50693824c4-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
optimize
c.bannerflow.net/io/api/image/ Frame D4B2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F99778680-4e27-4687-a836-22e7b38772e6.png&w=728&h=90&q=85&f=webp&rt=cover&x1=0&y1=512&x2=3164&y2=903
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0ad94df9c55774d3d2096266cf11876aebb5df34852bc36f08ef5e59cb40da8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 06:35:10 GMT
api-supported-versions
2.0
server
cloudflare
age
10289
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c50da8524c4-ZRH
content-length
1910
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame D4B2 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2Fdb108e80-6970-43ef-9435-8c6e55f63825.png&w=728&h=90&q=85&f=webp&rt=cover&x1=0&y1=332&x2=1705&y2=543
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f061abc2ca47a134567ebd668f9560a40f652168d55db488c28e3109ee2f4ca1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 07:25:28 GMT
api-supported-versions
2.0
server
cloudflare
age
7271
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c50da8b24c4-ZRH
content-length
23404
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame D4B2 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2Fceebb2e6-55a1-4847-9230-1690115833cc.png&w=327&h=122&q=85&f=webp&rt=cover&x1=0&y1=247&x2=1564&y2=831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2fdf05f4f671380c5d15f7e093d3695e10a0b4a668a640cecc8174ef3966548

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 03:32:25 GMT
api-supported-versions
2.0
server
cloudflare
age
21254
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c50da8e24c4-ZRH
content-length
15772
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
718978cb-1bbe-46c8-84f6-ca71404c593b.svg
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/ Frame D4B2 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/718978cb-1bbe-46c8-84f6-ca71404c593b.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e425bf4d1c295fd075a6ebf444bfaeab7080a8339e4a7e47e62aee628b804481

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Db0Tk7SBHMHJjRljvElfKA==
age
1254
x-ms-lease-status
unlocked
last-modified
Mon, 06 Feb 2023 14:10:12 GMT
server
cloudflare
etag
W/"0x8DB084BDCB079C6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ec3780df-101e-00a5-406d-0cbb5c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c50da9124c4-ZRH
Saxo_AO_FX_Mobile_6Screens_1-595dffe281e44ac59f6b6cbf6e90b15a.webm
c.bannerflow.net/bf-videos/6305e2467f19035908ad8e22/ Frame A5EF 		429 KB
429 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/bf-videos/6305e2467f19035908ad8e22/Saxo_AO_FX_Mobile_6Screens_1-595dffe281e44ac59f6b6cbf6e90b15a.webm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fcb443cc472a6b6913f37de8b9c8698249114cc46f2130f23531f360666d1f8

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
content-md5
YugJ1fUFyi7xa62/2W9Ocw==
age
1386
x-ms-server-encrypted
true
Content-Range
bytes 0-439142/439143
Content-Length
439143
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Tue, 14 Feb 2023 10:43:40 GMT
last-modified
Tue, 14 Feb 2023 10:43:40 GMT
server
cloudflare
etag
"0x8DB0E7855D6589C"
vary
Accept-Encoding
content-type
video/webm
access-control-allow-origin
*
x-ms-request-id
0d8490cf-f01e-0009-7dfc-110484000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2020-06-12
cf-ray
827f2c516bb024c4-ZRH
csi
csi.gstatic.com/ Frame 6063 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~lp3uh9qy&chm=1&c=4076639824696142&ctx=2&qqid=COW14sedzYIDFQQV4Aod6Y8C9g&met.6=6.1_Cg0YrlMgPyoGCAQSAhAB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AFD5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~lp3uha9h&chm=1&c=4076639824696142&ctx=2&qqid=CKf-msmdzYIDFX0DVQgdmIMBpA&met.6=6.1_Cg0YgTYgPyoGCAQSAhAB
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.bannerflow.net/tr/v2/pixel/ Frame F02C 		0
33 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/65264552843eb9eeda76293a?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstOsOMcO6K1CsOSo7oxLBgm7BOlbOLmq_HTdXjkgKvZAo7gXnjpcl6OZisao8yAQ1cwI2Z03xEexMgUCj_wUaeDsq4ZBnmRLczjnLuP1roOSVNvdWHYJlRBIkVoQlTy4mNK0PIrnC9QZJFAERNmFoyByuI0dyl36tKCEAlBsYIX325Mq_DjVytl3s8NlwLjtVTcTeDZ2hcTP6aJof7jU4Ei4_ZYp9Bjcg9Z6iPRX4XGiaCqOCc6w9EeRQnxeLNrjMgorlzlxadD2Dy6qWOl3UZzgfL0mwqyBQVHqnEtWMVzg2a19lr83j8KGbCBbQKrHFwzbxbX5Ko_8r6d5Eoew45j-t-3ma_SO0a5rWIcj4cfROF0OPnRGgWWKz-tXvtvMBUZI9mmFCN0UbyXpLBJ1ol33eySD-GiVTNl-vkVUap8VgYZU_yLKTkJHTmJgQ9r5xGaYATuXrsExZS8sUFsMnLLn8FZ6K1qXd-bNXE8x0VwPKK_lr1SgEQkQHz-9dbo-sZpt1NWrPumBhNP1AAfYfTmfIcFa6LK9TMk8stEguiBy2dhoWkdg5rNR19dEmm86IzcbY-RmMbB8B8rdRhIlgqDFjzFL3j-PNk7a6IAa1_bCqoC5ai9YRaEYvWvrfo2KnHq0Zv6x_ZexTeCM8VDU5MGBHJ4PZSOHGXAAuUOBPS2sMpWDbmQDqkeLsXFpmWAjK7j64J5g3ena8j6tXEuySarpgFiT9Hr036UqFaXE35m6B8BAqcWMyfvkyXD2cfZc5jZh_7FcUoWZykbA2bJy1ehvX3eSc6Ie-psV2OC5BuBx5suzdnOs1xEk-j5PTieRf1zoQUVjr8piFtfckyA-LZxn16C3e_bVt6vX1-w3bRmpaWHuT4a0xjJdjA2I7uUu2ZGxWvGCFMQBXBEFQFzbZ_QB9UNmhfJbN4UWjbN9UfV1R3NyMwvBbjiJON3YE5nVUZdz-KSoxT2ZMotqwpgVV4QkltmWzm1k39UUGB4Oyei5zMRniRM4dlQiQ1eiEo7SVN1fkFQH5RiuDaDqTPSE26ZhOzuGQgjm06KtuoOCKQCYbSzQse5ZFbWBbm9PClH1NS-DXhvX6EZdHTj3nOTtCohJNuUwTjl00WLiAXkDa373zsCXNJ1JIxTED2_pJRujOTSiQYJzh8NAwu8Kx83QlXTpt_qF6JyDtFlnax1LjghQx2Vkg2h7JLpApXiInE_8lQaALZ2iUTaakdmbPkR5OUY8ZfoCO1DjpjWMGoIAQ4fYX1oJkGciFcID9jxkASVOTCq1_w0QfelYYbn2-iXREjTTTRvtLlTQtMgHNnbB7oN9aDIJ-9AtMGNtwq1OALg9Tbyi_z5xAjqqNZsTk4qVeE5IUjgCrjJI8c7O8ju3NheeKLkSJ1uljFuCiVxMBtxamaAkZVzw1mOFGRXSK634_0jkyq6WD9rNHQUNo5sxLMtg1fieDnI8XcCWn5NgxpNpTjwO4XigbOrjNqg8loeAo%26sai%3DAMfl-YQdx_Z9ckfxvm269VUjbsgnfPP4ALmwMjTXww4GnB_KC_ulMN9Wb4gPKeSaqCKDKvMHaid9Ooxhx20GZ3hijuYeDTfS_XKu-_HGmBTTEk065dSLmhwOncmQaB8LZaseZEArPQTcjmhuxklwaLAX6VR8z5oI2H5cwK0gC_DhsRX7U8bgepJdHspuHKERVvcm0AxJONUbWiIWGtl5dIWDWVKpo50yTRaNXUqcygdaOskVDcyzJetQkzhHkPvqckPVQmrLm8Jx_1a-ELArz88BMLQ9NLO7ER_V%26sig%3DCg0ArKJSzEMlzCHiunrPEAE%26pr%3D8%3A489F9114CF8ACACE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fproducts%252Fcfds%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014735043_20642292212_524464410%2523platforms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827f2c517bee24c4-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
/
c.bannerflow.net/tr/v2/pixel/ Frame F44B 		0
33 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6480988eb614435d92f82804?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2ffbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827f2c518c1124c4-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
optimize
c.bannerflow.net/io/api/image/ Frame 10B3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F99778680-4e27-4687-a836-22e7b38772e6.png&w=728&h=90&q=85&f=webp&rt=cover&x1=0&y1=512&x2=3164&y2=903
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0ad94df9c55774d3d2096266cf11876aebb5df34852bc36f08ef5e59cb40da8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 06:35:10 GMT
api-supported-versions
2.0
server
cloudflare
age
10289
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c51ac4224c4-ZRH
content-length
1910
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 10B3 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2Fdb108e80-6970-43ef-9435-8c6e55f63825.png&w=728&h=90&q=85&f=webp&rt=cover&x1=0&y1=332&x2=1705&y2=543
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f061abc2ca47a134567ebd668f9560a40f652168d55db488c28e3109ee2f4ca1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 07:25:28 GMT
api-supported-versions
2.0
server
cloudflare
age
7271
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c51ac4424c4-ZRH
content-length
23404
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 10B3 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2Fceebb2e6-55a1-4847-9230-1690115833cc.png&w=327&h=122&q=85&f=webp&rt=cover&x1=0&y1=247&x2=1564&y2=831
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2fdf05f4f671380c5d15f7e093d3695e10a0b4a668a640cecc8174ef3966548

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Nov 2023 03:32:25 GMT
api-supported-versions
2.0
server
cloudflare
age
21254
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
827f2c51ac4824c4-ZRH
content-length
15772
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
718978cb-1bbe-46c8-84f6-ca71404c593b.svg
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/ Frame 10B3 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/718978cb-1bbe-46c8-84f6-ca71404c593b.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e425bf4d1c295fd075a6ebf444bfaeab7080a8339e4a7e47e62aee628b804481

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 18 Nov 2023 09:26:39 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Db0Tk7SBHMHJjRljvElfKA==
age
1254
x-ms-lease-status
unlocked
last-modified
Mon, 06 Feb 2023 14:10:12 GMT
server
cloudflare
etag
W/"0x8DB084BDCB079C6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ec3780df-101e-00a5-406d-0cbb5c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
827f2c51ac4c24c4-ZRH
generate_204
tpc.googlesyndication.com/ Frame 9F1B 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?klC5GQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
c.bannerflow.net/tr/v2/pixel/ Frame 5DA7 		0
33 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d261c843eb9eeda767266?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvsAZbv5UQ7YhbVeQdUUm2-2fc1FlSCeyw2rMsLF8aSj8h6ncA-zrll9f4DNN1DGziLuihtcs9E4WAKEhc3xvkrrhe3wJUtTMkCfHA9j5hU_UKBJRGHfI9hM6YX-XFbmyX_Ft2TqUrE-pQp27WaKVO3A-FZS-fLk951manRYxSIxyZUvb-ctpJXbae-nXqWo5r2fSybXcaPMzOI3_HrnrtoD68Z0ejnCAttSQeMod6Sz0Cm48hfUJeM4fa4aTwk_bFqop4T3PfFi-XNxMThWLiesq3vNXDvh2DNlp55_EE6hkdTHasOG7HC02iyNq8W19glbgBnNKYPEmgfWo7t796VdN31oSSCGw7L1altBP9zjWOzLNNqvZ-CQOnhuIxvQbmWUv5wRmbxh0naPmBWcB1u94XB9EaoYFbaAIputPPJ52RIHIDXoZz8u43ftq-rMChiZFBlOeVkccGAy0gQ4xHWNh_b_dgLGu3b0jdMhJi9A1tb46cziT7Hy_b5rXgLZvKOp7HdqJho8P3wHx2bP0VQ55lEkfmyA5Qo8Uy5g5eUoxdaemkvmsvZlzySVMtCUmm7PEtVzTBiUwOC_5Q3tJFw8OsAXqs_kkKCmPoIKg6QcG_T6qLMCtv7V2fxieBZUM00IwOUhXtn_H6Xhc_uy0yWGAyA4vxLqhUvTQgny6OnKjswfVxvED9HVnaBOztztqk0LwhFZi7hO_OjUonY4sDkDlBj45Um839CyFXTx06vF9owgJ4OPsEL3YdHAydalHBU5mDeDRvhVaLwY7FMJmhkLVGuRYaGr0YjelH5rmFiAby_ATVnMaIfeywcN6XBDfeaU8GOusBBQUJgguuzMyYG8dNxjfk1aXTx_viOJLN1kLZ_2urd1TvMQ9qRROdn8aujrhNLUXgIF9wqPggZRAWmxVCPKU2O3dIRZez5QW6yfVv3kCS0FS_SHdf-DvIxzcgFk72J6XLhF8TaaECyDMzTtj_hX3myEmPrqO4uyio6pDq65wfORHc3qcct0c1oOR66LcLC14qRdIiXYwLDfI0mnDhTm9Fub8_b4drbY8LxIeZikjhr_6tjw80i9IaI6bLLw0VkHj87QRPIHOt89dF7wmbS-G5wuKqeJC8ilCI5Rf__rG5MIOl8y7kcw7QaWiFX60yrDOJi9C9HCdSMFaHkssMcgA51qayzqB0ZxOeSXKk8KYAnKxMoM5TxM3cd2ighNnpldr4DOw4O8WDepOzOCP_mqV72s1r6eUCM4G8OZV_L7S-GfAp8AIdkcu8MlFmtaRRVZ1ScI82BKwAFYo7F4lwlLLxpLbt2mK-xV35cbsHKtoTWQKjweFfdWF85lfABz6nlLHl5GcRKR3Dw7x0jfwE6K2Hjohk-Eio3msn5Jv8kcTIt4ClGafwV3oJeFKSc1lh6_8M6i_RiuH1hhED5SCVU-Ell8q4gSg0-OtW5EXCuo0sTAuc20ZNECxGbmSkHsgSpu7QVUEFsBOaAmzptM0eWpg%26sai%3DAMfl-YRbhFBE322qcLLjTxF1KtyTySLA4Wl_sVAZ-30bCuo9Fk1LuBPaCPaHNvoglavRBb6TCuLGz9mHTrHohlTpNgX6DWuUGj1gKK9rbvc_Dot2tZB2miUFUDEWOY_wrcxZ6Qny0wr-AHwnhUWutiWE2qb2ngr4Mc1uYSGVVLAQKG7QLg0dtqrCmtXlH3bWgW5Y6bN8ntUpjzh2k-vfnFiZ7hcb-1qij-FYSg7IH-SVhNNV54HAOFtpY-_i88by1D-g357Y6tyoC7V3f-oPGC03NTapah-UBXVq%26sig%3DCg0ArKJSzGQY69rlVFb1EAE%26pr%3D67%3A0.136704%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Fforex%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827f2c521d7524c4-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
/
c.bannerflow.net/tr/v2/pixel/ Frame 408C 		0
33 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6480988eb614435d92f82804?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2ffbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827f2c525dec24c4-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
/
c.bannerflow.net/tr/v2/pixel/ Frame 017E 		0
33 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d261c843eb9eeda767266?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssRxeFXxDyo3De2Pi3Vhm1Qr_UJfAiP7GKTCZB05kzdu20TXw4_maYS_a3u1hP3sibf-KCRMbnYmqK_HJ-mnUNV32v-dC8Yqwp1aSDG_p9ts6YwyImM3ArtWjcUP6agpBZrk8Q1g6Hgdt9wrVMog7PgNzBtglZb89sWxH1gZEUWXor_ADJziDm81pV59fzmbSp6PknHnWLtlOZsl6ykPxpdsF2bA5s1E6dlxzYBmzaLMF9L9cKge6FYgqT-6LDvpRtolmp4Cg0iuc7pePo5i-wj4zVfVCHPfJ9M95F8pr3rRMJc8bs6Hlb5JJtJrS8E2OPfzI77rklk1I52Xqt9DX1kl-tEDhOEjSN1unjP-FN7o6nw3gzmlqWSAlksMijJyRhau7FC59lAkY9UxBqXxHs9J2iiQfNe0YHxqjeC4enQMTa6XjMI_-CTI4EWg8z3CgttBd5dan7_k0JHKXXTOi30YuLdfGKcJ0gysyGkBc-G7VANGpeFuv0Ci5F9_DDlggQUVokz9ae-Q1jh-RHPJV7i-8NWRzEJNC9N5_bJQgxK0Z7jhZcGIIL0jEeMNp9Thz085Y8VeC_WtcjN849RH8emqViz5IrpV_AOEXSX6qMDW9DQCA3pYMnFmAP_W_xKqcozVErAknX3Nfe_2ktkmubvlVrkSOCM7uUX1nuOBTRFUheym_4IELoHSmH6CzmvlwcBU6EpQC1LB61igG0TaQzzJ2r1WKEj6idEZn5oEdBvlrWvAX-JW9UdqRifH2jx-3941WwVjiNLHvEC13zISyebbSO1Bf18FdiRBS-vzvomP2V98aDu4WzwSAWSP_fSjNPoyTm0hkPvGWH5Cq2Oq1cN7dfOSHzIOKXptNALyVvuSA0fiXdi0-ZRAA7CaOj_3JJyOv4tUPhHtLNPNKvnLD6TbjDrrWxRFryQRDxacDvfxssq_tYl25NBkpykU4HivIEBLhTZYIJSmKeZ98NipnSHYsMqcXeuFuGTrjwQcRBQuksZjHnHGroZRheTpMeyIMLqDzu26InhPw_Xhpz-AbONFhmRGxmdW04cNKG8db50Lb19DyOWm1wMj5BJ4AkX7A1YNBH5C3IBltuUceWffKiFadj2yMIC7Tykv8dFoF2TSGaOJd6X24bIya4ynv_djADoqIN2zU2ML5K0mrsadcjoh8iVO5kwKf76PLGRzkgFKik4hhE9AG6XvzovQhII4DkRnMPdb1g8vMv3s4oLsIBJHisNI72WVDR7syQ8n3eKXHHLUQIXHotYvMgPLvfmIcr5_0Bt23Hlg4g2k2iRAj5XBwHABNEVRXqlEVpR8YO7N9ul9-MGbuF3nEtjPKI6KcEI1QbBSbZnx97NOy-Nmn7zU-NBiMlQD2zqBAgXigfpzClUprr6CfOUbhtJCI1JVLN6KidrSS4XgfgT5-CjL9tZzeHO6Njk63MtxtCPISxMIHmHVa2rgp4KNj0G__uuLokDEgXJ1Z50RcFNdsV2iNGTzmO6%26sai%3DAMfl-YQaMX6XqXq8u_L9uNOvhNT4JyOl7SDxiVlHckkl5rFBaUntrYBV8x_UA81y_9815_6lK67U-lv8jHv2eSmsxjNkWQ73dppv5EHtwYFlJOVY09WWx6icNNFp9HYmLI7KjYDlublOkqX0LPbIGZKCQnAw9ygzSpxm0tPrcv3kKCPelmY5YiFCZa_q23tBJoMApi1_5kkx6esI33_k63s_-VdlptM3-NtyBBGHC6Hf1DxC8uy5Vjpe2FMCB9ioaZGCUBA1-5nXB5L-atPoLcGtoWOr_LO9Ov48%26sig%3DCg0ArKJSzDG4mMaS8ptpEAE%26pr%3D67%3A0.136704%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Fforex%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827f2c525def24c4-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
/
c.bannerflow.net/tr/v2/pixel/ Frame 0461 		0
33 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/65255d77843eb9eeda7622f0?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvL57_Beye50btDr0uxhLnmg0A6h6mqCwqtO_7UUdRkoXG7jzGiqtA_fihEKtlRjLjXBP_sqx7J-I7Iwru9dXlGyuREXfZAKQTCUKqyVeMu-zQSXmX6d0V343KiUaXFIucAggkhIgeLX3TmQ7ynGMdOXC9fLJjjCkzy5IJNggcQ24C8WYm6Pofpau36MnGLfkGNrfs023lYdOQJqJS7Z8mda1j7RkdVxdYErX_i5ogHxS4wsY0TLan8BhVYapcjIJmWUZMOQ-Dmgvy8zZN-6QI2W97boQhf_cMronbt8Dce34FRng535LqGPabWXfbjPPG2njRbU8Qq1xoQzdiECTOG_g_4dCUrsZRjZUwZaRxarauwNYPN5OTkxytPOozRKI6ARIt9tU5ELwhvzVZvvhTw4CKoWtVcBLqqSxStILxgkM-_TBTK_oacsTquxU0dpekfQXbmB-J0zUEUGsFUOmZLqA4-8xX2izRFsvHH5MTlSBLJYj9jTaD4UJB704pk6C5YGk7fhB8L0r58DHH783Qgi8V_Qa4RY2mWH7ofwtFRIW8wqEEP7k19kH8TsWxVOXp2qq5xmEot1xf0h_NV4_BnH9CCY6Duqwe7d1QgelpIeUIxtM8orh2h8TtceIc79WIBl8R69qiKKMWwfTxua4wdL7QBoSAz_86TVGSSQU6zcT6OkEIIgeBjLAeJ_qNExq21mcwb-Z05T9VXqnVnZ4Z3UYWi3XB_W4Ede8BuRbry_z3LLZKLnk_nxmfL0001n4JOmOIyegtl6DVtJaTZbdEu8R9whU_EIb9kfqTbH-w8NV0Lvmo0Ymb2dIJVexBXFNTv70ZQGfP7v5BgmKIwSRVDBTSXIdcc7PpkspzojnxHYtxb6VF_QwqT7iVS_sMjhLju_PMxcWLm15ufoqHX21lcPWXJMOlX0oO2vZga_1-sb9fM2E1s0tMi5lVb2spldLPXC48OfCPUvXUpzD7dDbJUQt3JCBk8KInTcEysoviquHpA3523gTlm5PHdkbtakCJltki80xZ7AhqsRmUvP3G0GXa3HsTObChjknmU3xgWpmrwYOsKSveaaSEMQX4kIAjrTod7rh03TubhYZbVy-oH0aUcCDvMXZiE5cE7hO1_3axWxrTgp1MRHSSOj6H8Mt77WDMtp_HrNHexyBWlHt4ZajumtFNTq52LQvLsGAyNxsall4mWYipSzY_lOcUJFOYmvtaeRl3O9o6DVd0-E3f0ujQmiiWAWXr9nIr06gE-HCDkSxL3wQ2l82bsn3YSCGww-0k5F39odaYHwbfeyVfVhgLpbzs8KuI4Yw94I_1Xk5yhzFZRrbKXCXPrZpMISNI417n5htnJv0wAq3LESMxxoxPuJKF8CBuC2IPt9kzMxYZr0UGfVHRpMQiNxJcgEfX0h3oG_gUqy35c5GvejavR130pFMshHhra0ikKuvmtYCOFxPtdvazQCvgibZhXM9lKQ4QHSC_UYON1SvKKrpM8fQ%26sai%3DAMfl-YR4URjTGZnAEnd0sgkcJljPe_KU4y35AACKdLKLJdKsJyM0mFRqnr2lvhO_mCtQEfUi02foyeWHs5YGJO2_yAjSd3hXbxAIt-B_b2nnYL7NsdUKF4bXzgAKvIFTn6kLZjI_ysItZl2StmIuPEtF3lya3WJgp7KYa9Etgn4-B0limmLaSHDTM-a_gL2BMKwvMuusaSk79nSllNXN85Yt0BXFTJnRxpHIQiwF06QwD_H-QL9YGfaXAIHQcVRNG2T4yfYYBV5nsX3LPafVV_rYXbo5df5GLBIo%26sig%3DCg0ArKJSzD6qVA7nYnPQEAE%26pr%3D8%3A414555A0233F1638%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014735043_20642292212_524464410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827f2c53684524c4-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
/
track.adform.net/Serving/Event/ Frame B063 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=67903448&event=178&time=7&baid=59331496&name=Viewable%20impressions&imprid=3661739783862091832&icid=3216836833839915637&eData=nVns1X7T6pkNLh_RhDUzwRg7ILX0-QTMYaJU2uM20Nk5BVLVjATkLamwX8iIyHzAgoJ91ReZ5AbjMkndTnGQPjjCY57AADHK0&rtbdata=qv9ejJzjOeY0mZ6kelq-8rCsK4l_2OrbyrWNLVyijSev9q7VT4QsEn8WJY_TAOcRKottOvZdx2gcEiFQAXk0L81D5ldv-icmD7TriWI_HNKXcAwlMqKl9b_M7cVgQJceqq8HGtFeB_QK6FpHMkg1aJ9nofLwBviHe9hsTx5gWIzfHjlKoWIM7bxm-9bbr7k1GEbEH4l0xcnxR4cnqKPElcgoE-BgNjqVlLBmWJ6IOjRftqkaem0r5Z9rX14qzbssOf6xLZNG6FPuXFK4uqwgo614bYjQ2y0BC9fw_n_QWtVctNMQfXi_9jaQopJ01OkwOuaDf_o-wm4gKQoJeufOeKIGF5b3gnf93_xcUB520rDSSFdHB1pKgTnba820HxKTWPwCPzq_Z3WKpjMRdn3So8N4iOtIBxgX0&rtbwp=806C8143FF24DF89&rnd=912201990
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame B063 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3216836833839915637@@67903448,3661739783862091832,100|1098|0|0|0|0|0|0|0||37|1|||||1|0|0|Aq_-tJYpCVUKkl2cBovbO6-xvRJNZxIN8QBAlX3kYVUe0NyHtcJeEMvBv3gbrIiJkyXi4fDbv2XFowHsTcizlQ2|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
c.bannerflow.net/tr/v2/pixel/ Frame F0B8 		0
33 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d26b6843eb9eeda76728d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssZ-UFH0pfFNAsY-ikl_lPYXIVNJ5iNo_hIkmS0m3Uc_7axWjw-RCv3WHVlq-i3P_gNDwFXWbpVtWf8rudvWSOBViCJeM48teykOwy-3XtI7PvBBZ5IMTgmOwSSZeKVqcReDW-a2mv5I3wuVf_pyRgXaYEkEH6ZR_2NwTicakh5lLz_o0HX98bzxJTWQI7H1GwfcXZjskG1teoExmySMWkY6jnbRowGQZPqrI8CbtF8RT0YItDtEkp989gbZYkHhFLzuuD7_OfQUEDJRIHmsSVmUBDwRr-K1pq-umLRWjg0TaMMtrID98UkxfoVjfYUNLJysgpkPbtsGckHsJaZsew4YrawbwLavZfQmKRhgifKBy4rFVNQFNY0s8hq9BhiiPR2HEDs2rJSvSAYtbjYU8WuDLKSDi6K_uhMCTW9EX2e4M5shG129ZJ-ljAL8d0Rp1kuwNr0mkt7JCo8SD44ZfeFZNm-BawJ6wRYpyOk0yPqxccWTX9pMK60fuCGAhl_ZWo4fY6miyLeQh4B6uxaTd_bR0ytLysCih6rupjr3sHAHIR6FdWAxXO8W6QrABdNE10LvgNybYH3okct7idVwNwK64LvSLfaFw55xEMhNzjqEjgGA61tvLdfQ-33to9ua4knN1U2w-sck_wrVdUiRDb4AoSO40hQqxn6Pv4htwDdVylPpVapUin6PZLAhRQW1mIgm3fC0_D0SVLcs6XBt3ZuCQ7PkqRymeT8go6kNlCWW7EhHAffIYKirpAzriNo77YGxqyjBXNWGlP9SdJsW9QqtTnkzxhzmAw3-Bl2hwexYoZaMK3UQ4EP0dJckzTyfBsQvOR5kZiOYSDu-Dwj54ovETLFAoKCfcWEtaikyNX0zR21E_toBe8UI3ptLM2aF3wiRSwb4ukfzgV_Z7BUrtxU2XbCJvKbIXFijxcKRmkwWYgwHYi6Fq4BEWlZzkwAR55btkyHb78NmM-idgVs2Yv53n0a7Uj_fTkysPsjrVcyv1SN5U2vQ8UeEsO0elqABuio57r8hdfS5DibLgA-PnqAVDgeibzHk6K06uCGzC2vEQ0_8_veg2ljkVw1pOLgvziKgfamTJsKgnKFH-Rl0JtLyDYbtKN0bihVr4Uavp0E-h8LhKQyqtJvZfdMQIiWgR160oEZ-7TA0NNhxBwq0dxk0iCLNWdFZjoKrMdKHSLnCg3guUR8gYR_osd7q2GifK1e3V-yMNAE55NLcsSnyhUxQx-y7BCh61qNwwyq6VeYDjd4ntFanZRzDFeOX_XdqrHE5yy9BMuJIHtKScm031zUzvbi_drx_YxRKkTn9r4UNhNP581aS8AeYJHJ8ypA4a_GlzWkEjzBra0L5NylCVJCswLSTKae0cCO43gqwGC6oFKJv_Msv9Q42ssPuDbRqeNu89aW6pZT4bAjxzvyGj-kYR-XPZDrJZz8gPtWM2eMBsZBkMYtQI7CtCWAX03NB5HUWdCQnp2WP9Ud6t5YKQzjqm9A%26sai%3DAMfl-YTu_t8jc2IDS7vxwEo_DSWKfAW_SInzO6mxxwp8U0aa0BPyLJQk4DqsQL2W9Q8tZalsHswBMphdL3fHiMcFbG9AnvUIvophjtPViWGUEg3g9FWgZnt12Z8KgVjZGZ-ayiRhMUzase-sBFmxa1BZ08DeUAYLiUplNbwVbpmV75FHCPpmkg4YB4AWxF_KVBhFpjMbPS4VAUepyPDgcx90quAfMxxqYeHXVM0Bg5VUS_Zes7fcyqwWjm82_Acg2buYblA_G4N0fBzrPJ1q3G4OuaOINAk-n049%26sig%3DCg0ArKJSzJUTEQDyRaaeEAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827f2c53a8ce24c4-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
/
c.bannerflow.net/tr/v2/pixel/ Frame 20F0 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/652d26b6843eb9eeda76728d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuPfAsaWFTKZqJYAQYNqd8Du6f8XchFRyoyIeSPD5DqN4F3tfRQQeqQ0_HwDYWkzRWmvVLt4s-JX28UW1RQBKddJ0nZAd6xL2fZQkZv36BSZa7kiv1eU2Y1lCW5KJ3yy-DTQQ2u8gt6YuzG9sTOHbnwh3Mtus2-NrW3CsGxFCB2-ScO7B0_eeuVQvBWp6gDQ9JDv_6wRV0dM0J2wsRCrpBPjXGSw26PzpMD2CD9_SATRaLcez-9r2V4j910LCH6dKAGVyKwa6XCsrDp0Wdgmc6T9UITd4ofD8JyKMAg79epBhfP67DoirFa1xzalR6fKCHuHt7Tgs_k3H6NZqD2bRlSPqSTXAtNCnReCBSkNHGtiSoIBW5IoR8hmXuJ7Z6J41sDU_xiU475VfmOpqZWVGMkMieYMjYcAdj1aviU7p3F-aMJADNw9yzGnwDFgyzcCzRHDIENe2lqJylRfAzcyCf-f3Tb5Z2dZLVeh0eiwUl3oxmKLVRi_5vW1fr7YowVztcq5j-G0SWBc-LAny3Xsp_mMoaMEhJ6P66uHCtmklKsbv-bsirZ8WVysiPBFPYUf023ZYgWhxi6V0FHzinp7C-c9i2pR6AU5jw8xYyA9GdkBLdsg0Acq8WPbpAt7akVNi1sTtjlGbwrV5ejCWPtIdqgUutr-GJrfISU8_DVnZBYjVWtWOfqMHX3sd8N5kEref0ASzEBeDCvurX-rsrVMn6xdLBwkRmTazIsBkZMkTVLAhds275WiA9vTTlLS3_rDYjZX7ePh8wIoVqWckHevXLy5clBg_adl-8Iy5xqIKWRJHxTaOCbM56WjpKUG16h9DIiELmtCAvpwgkkOUW4CpJ7d2jWgZ1oC7R7-NJ104hIO1MmXV-uWuIOqS5Y1uyUduADDBLKKcrc6V2UzI5JPec33ib6nhpldqglwY5PI2jgfjLMZfzUrQj1E9pCcBohL09yTk8mDdYxdxdsNJfSDAGViqPGGO_YlWPOFgcGsZNalqyxl1uqeRDkRCcD8tskLdWYlf9iOMzdZ_An0DXhM6X1LuLBWsZGcpJrmcRfD7SdSUclZcHpv7doBkx4ziuZ1NgUlreaQPe-WnYi2QYKkSlWVfBald4xtN1ZIGPFNSc4Z6R1yJT1VBAJkV20b8meAjL3ciL2cqrNwXgNh8ry3Okr-4rvRcK_lFUGYHzqwvA6DuAfqA2qDe8VLnMwbNtzSxw_K88wx71FyDZkwbszo69xUwnCP6g1YcnFU-wOAEbec-AEa6mXzSlnhyr65sTh6xRGTDK1BpocLLif2CSlY4VOlO-qyrGGnjrxoQdgancBxB14Az8biMRifAviq79IrEUigrCbff8EPUXYRUjuWO3q67v1ktAuKkp717yNMUEtRrusX9wMcCs-OdRlM25EHQcLp23h_fETGE7jsNy8b0DZj33DVVKzTOr7DcDxbiSH78ZUodr_QA81w81Qao9Cu1pnnxcFGbDwrV1quWVGyWXQmVz7Qw%26sai%3DAMfl-YS0HQC0tIMZB6Z-xdS2_YWdFcpdKfSRM7BBEc_yooU6B81rxHJanlRmlnBHm7VPvwbmohzceerVVMQTc1Uyw2YE1q_Fw90FagDg5oFsBHKt-VJeHFn-v7g15aiaWVFcgLDpARNFOqkgLX0n1JbsDseR9MoHAXt7xUrPQqhOfzzgXx1auky4F7MYincEOm3iUjpzD76_Vi3HPZ9weVqyXeTyWfTnDcAUPfBCBFJDmyaZkhzOjL_1GgeZENTbrsk9t5Pv2p5429Hiux4bKl61fzPuQ9WkBQz1%26sig%3DCg0ArKJSzF4xJJ5wL9QWEAE%26pr%3D67%3A0.119843%26cry%3D1%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fde-ch%252Fproducts%252Flisted-options%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014485535_20667285515_525707621
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 18 Nov 2023 09:26:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
827f2c53d95824c4-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
collect
u.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Sat, 18 Nov 2023 09:26:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=4076639824696142&bg=!n5ylnNPNAAZxrfrxUa07ADQBe5WfONr9RxdC4I-CD9rFCZf-6U0ossRogy_pK7DsV09615RUI6ESpFZUkSRMcHc3BZghAgAAAmFSAAAABGgBB5kCtSRGo2RVhcjxV3KM0jYof59s8M6R8BiayS8RsF6iTMQ3-mskImaCPO2YTheMttDirJxLvsAomLBkh4_qZxQpBrxPjZjaHrmDr4kAYPKJyxQQMFo-_mTGqVSumusaI0GyJr9wr6TL_h0BujUacQy2A4V10XU_H5hgOy3NvjiBakUqSm6s3EDUSIPXazyLkRmGWP5bct0C_ZVTeTJto_4hISGDKBVa5ABCFpzu_XyS4RZVso9M0L1OZVUKV9gTx8RrBJ21LRVsmlsTI4exLwdIJarPLSKnJda6J__FDS_v75B_JwKr97jq338df6FDWVuvb9SeywfOIsI_dQaMDvuAGDrrG39n3gPL7aJdQzVamgbQbMrogaDoIm1ztZJyy21PXbnzVjiylOCWAO1nYlK9LJqfWwdgt263-QPl5QELtl95C4kdG8SQhqyLH44t9HzKFxTsEHNa2GgH4CDBfDBNq3-z2tggye88lCvIhHlE4jgafGSz_08ifAb2ddnqI4agICbhaD8iU9XMLYlHL7H8gq22VKyv9Uvj67LCLU0IFKIuFdOP5n_FA_WaoMCT2NnHGkPiUtGMysEGWTfgu5OI8iouVtf6V3Q2LOTboVVWuyrTxxzd6q7kcJMpjpGrJ-q0M39SAhXQ5lV2e5h9gsQXr06ZJfFw7HseMO4ozULtLN3CzclBY-Kkc0Ly33wwAGOh71ySftsJzEaF6a4gycf73Z3uMbElWeEzeKh6gQtOL2RFoQTV-WyIhOdWWnxLnQg--JSH5stF6Ei4TfH5X1dZRZsi-Wt8CYx8YuJDwMECdfJEGymJB7cqBtFO78MuTKwrgxqojsSF1vOvwWBR8JlAJNYHDgZnXQNiEmPRBdh-bXIm3Yu69IZ3wlTFQUwcEbmzJkQU8f-aiaKwEg5BYjfiuq090Fzh9Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
track.adform.net/serving/unload/ Frame B063 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3216836833839915637@@67903448,3661739783862091832,100|1725|0|0|0|0|0|0|0||59|1|||||1|0|0|Aq_-tJYpCVUKkl2cBovbO6-xvRJNZxIN8QBAlX3kYVUe0NyHtcJeEMvBv3gbrIiJkyXi4fDbv2XFowHsTcizlQ2|||01||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:40 GMT
x-amzn-RequestId
eb596c80-66b6-1752-b68b-e9107360f859
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
308dc61e01609ee9bd8cdd1c87ced1ad0c4caacb1d62c7fa4f6b5748b054c1c4

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b2254222711fcd9813d59d63275be04214df3424efb019aaad859991935b97bc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
9728ecd19e46d3f4cadc347f43284518e36ea8be328a85cc1b1fe1ad31fa9f58
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092640Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:40 GMT
x-amzn-RequestId
c2230a0d-9c5e-91b5-9ff1-8f9d89887ebe
Content-Length
133
x-amz-id-2
nuDZbmc252Jx+SCuracuLqQq5ftMH6i662+1MIrf677MCREu5Y+PhKL1z1A7pOMkRRDe/AmEbjdoGGnPl6ph+uYi5Aj+3Ko0
Content-Type
application/x-amz-json-1.1
/
track.adform.net/serving/unload/ Frame 6063 		35 B
617 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3216836833839915637@@67903448,6219634219645411232,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|Aq_-tJYpCVUKkl2cBovbO6-xvRJNZxIN8QBAlX3kYVUVwEbzDQL7Z8vBv3gbrIiJkyXi4fDbv2XFowHsTcizlQ2|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:42 GMT
x-amzn-RequestId
cf30d68c-e1fb-e9ef-92e2-531ef42d06e4
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
1d327636ad299ffae068059342ba5cb440f7771592249a62d02f03920fdd981b

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=c59ec0ddf62920abe258f52014bdf60e68e5f80eee97399bf3ba31e6b4fba663
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
33f3edfc4d178d9737a531285a9a09e852db95dd5218283c2cffc5af59d38f4c
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092642Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:42 GMT
x-amzn-RequestId
e848b69d-21a6-0241-b59a-330f3470ed4a
Content-Length
133
x-amz-id-2
FdHPDyOKqZV4WQF044jgE04dahzRwqxDcQh2dxUZ6i1PAKWokTmsDQ+tPxnGSTNz5nZddJrOoKZKUmELu7hjwHcDa6iB84Bh
Content-Type
application/x-amz-json-1.1
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:43 GMT
x-amzn-RequestId
f5efb77f-7071-c5df-a83d-32ec65a72ad4
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3a3b86a5fe0df11085b00384737b64ed640b762adaeebcf55bb79bf3d0be2b2

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9ccf07a626132df6698faeac4441ead9870a3e89d81ae12f89af57ec8f181db6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
e8297dfceb8df5f6bd8fdb0a6aef8a6970187de2c4b1e9ce49d44377c066dc80
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092643Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:43 GMT
x-amzn-RequestId
e038dd64-bc73-fa79-bdea-58f7a9a51572
Content-Length
133
x-amz-id-2
diMXNzJmLZPQQV2++sqlohk+rz7FvUKLeRX5KbDR2dV0/MK7Loug8R2g8/MGADsEgXCT/J6XR7WeZyBUUm588I7lHRrgws/S
Content-Type
application/x-amz-json-1.1
collect
u.clarity.ms/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Sat, 18 Nov 2023 09:26:43 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:44 GMT
x-amzn-RequestId
c2f31855-2781-0fd5-9f21-9dc13257e0de
/
kinesis.us-east-1.amazonaws.com/ Frame AFD5 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
0e489f90da1ddbd3ce5990f1cf15e60bf66c903a7e7d9211420ddd1d7dea7d2a

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=30e5900ebf0c229b1e7db9b49046fec474e28d3317775e4ed864902ef868fb64
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
bce98f3fba260e06211e4128c8cfd7364581c32585d444ce1cec1203467b8680
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092644Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:45 GMT
x-amzn-RequestId
fde39c78-d680-5055-a031-19edc356bf5e
Content-Length
133
x-amz-id-2
3AEBgutUBpqfZk37IlpMO6prQHqOlsvKcgiuO54jsqvpWPNWqXhHsMGnURZnNR0uA2UuxJF10EJIfFTy7XXYwcc47GTDE1Am
Content-Type
application/x-amz-json-1.1
dc_oe=ChMIktfVyZ3NggMVBJL9Bx08NgyiEAAYACCr37NgQhMIycjnx53NggMVE6JxCh0cPAX0;met=1;&timestamp=1700299605627;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame FD3A 		42 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIktfVyZ3NggMVBJL9Bx08NgyiEAAYACCr37NgQhMIycjnx53NggMVE6JxCh0cPAX0;met=1;&timestamp=1700299605627;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kinesis.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Sat, 18 Nov 2023 09:26:45 GMT
x-amzn-RequestId
c226c722-ac44-a2c2-9ff4-42b7b9924dc9
/
kinesis.us-east-1.amazonaws.com/ Frame B063 		133 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kinesis.us-east-1.amazonaws.com/
Requested by
Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.91.171.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-91-171-235.compute-1.amazonaws.com
Software
/
Resource Hash
48c013cc2935b340b9db558dbad7b1836e42b87d38112987d8b4a795f527a044

Request headers

Pragma
no-cache
accept-language
de-CH,de;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231118/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=4a12c2774e7e1b38400cf32af98d2c7aa9735bb32eaff7ca0d25e44ef5c9956d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
4200710e8b7250cd853a7e6b4307e9e691642a9d4706d68be968227227dc8f58
Cache-Control
no-cache
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-Date
20231118T092645Z
X-Amz-User-Agent
aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date
Sat, 18 Nov 2023 09:26:46 GMT
x-amzn-RequestId
f6f962b9-db0b-9d14-ab2b-e72fcedd721f
Content-Length
133
x-amz-id-2
4s1lXOCi/kEOGCOV2bLOlNDcevAhK333KmNB/pKKeTU5bZZ8EqJVm82HTZSzYuIj9jyq+xnLj4cIqVv6+sFWB04QmbZ2oM+4
Content-Type
application/x-amz-json-1.1
dc_oe=ChMIkqDZyZ3NggMVmZ79Bx1WRQbaEAAYACCh8M9gQhMIh_nnx53NggMV6VsVCB32kgEl;met=1;&timestamp=1700299605840;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F7F0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkqDZyZ3NggMVmZ79Bx1WRQbaEAAYACCh8M9gQhMIh_nnx53NggMV6VsVCB32kgEl;met=1;&timestamp=1700299605840;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI4MfeyZ3NggMVzoL9Bx3_SgRzEAAYACDCkdBgQhMIqsLnx53NggMVjtXtCh0JlwSY;met=1;&timestamp=1700299605875;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C9B3 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4MfeyZ3NggMVzoL9Bx3_SgRzEAAYACDCkdBgQhMIqsLnx53NggMVjtXtCh0JlwSY;met=1;&timestamp=1700299605875;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7ObSyZ3NggMVj5_9Bx3U1AJ5EAAYACCr37NgQhMIzLPnx53NggMV-F0VCB1AeAw1;met=1;&timestamp=1700299605938;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DEB4 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7ObSyZ3NggMVj5_9Bx3U1AJ5EAAYACCr37NgQhMIzLPnx53NggMV-F0VCB1AeAw1;met=1;&timestamp=1700299605938;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8ZqIyp3NggMVj6D9Bx3irQUUEAAYACDCkdBgQhMIqd3ox53NggMVhYJQBh2aQAsa;met=1;&timestamp=1700299606006;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6391 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8ZqIyp3NggMVj6D9Bx3irQUUEAAYACDCkdBgQhMIqd3ox53NggMVhYJQBh2aQAsa;met=1;&timestamp=1700299606006;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8_eQyp3NggMVzoL9Bx3_SgRzEAAYACDyh7FgQhMI9bjpx53NggMVQgvgCh3nIAyr;met=1;&timestamp=1700299606262;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A740 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8_eQyp3NggMVzoL9Bx3_SgRzEAAYACDyh7FgQhMI9bjpx53NggMVQgvgCh3nIAyr;met=1;&timestamp=1700299606262;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 09:26:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
oajs.openx.net
URL
https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESENP9YORRfZNqM6YO7ywqPB0&google_cver=1&google_push=AXcoOmQ4DfZcBvJqZhnDkgq-ERO5hdQnTO8KXexYoEiOKrweqUeN9oAset9trT9BwimX8SOWe9v-ANBc-b5MQbBTvf68S3h3cM246A

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| documentPictureInPicture undefined| coalias_debug undefined| e undefined| t undefined| r undefined| o undefined| a undefined| n object| script string| target_url_hostname string| REQUEST_HOSTNAME_ORIGINAL string| route_jwt function| xhr_coalias_open string| basePath function| addBasePathToRelativeUrls string| bubble_session_uid object| headers_source_maps object| load_error_log object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key boolean| glrl_key_status string| bubble_page_load_id string| bubble_plp_token string| _p string| bubble_page_name function| $ function| jQuery string| bubble_bundle_name object| safe_require object| Base64 object| BrowserDetect function| highlight_dom_changes function| local_storage_fallback object| u function| appquery function| google_web_fonts_active_cb function| fontface_webfonts_loaded_cb function| setImmediate function| clearImmediate object| element_performance_counts function| kill_notifier_socket function| restore_notifier_socket object| client_db number| server_time_offset object| testing function| authenticate_as object| document_ready_key function| display_page function| switch_page object| preloaded object| _bubble_watcher_cache number| bubble_version object| __code__ object| optional_modules object| plugins object| bubble_run_derived object| app object| b object| d function| Picker object| translation_data object| language_data string| application_language function| Lib function| everything_ready function| wait_for_everything object| iziToast function| XanoBaseStorage function| XanoClient function| XanoCookieStorage function| XanoLocalStorage function| XanoObjectStorage function| XanoSessionStorage object| $MMT string| c function| gtag object| dataLayer object| webpackChunkStripeJSouter function| noop function| Stripe function| clarity number| render_end_timestamp function| bubble_fn_nav function| bubble_fn_cookieSet boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded function| xDomainCookie function| moment object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| confiantWrap object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| ifvisible object| googletag object| gaGlobal object| recaptcha object| ggeac object| google_js_reporting_queue object| confiant boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_rum_config number| google_unique_id object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| signal_decrypted undefined| google_timing_params object| plObj number| google_srt object| _google_rum_ns_ object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| closure_lm_90439 undefined| google_rum_values object| google_image_requests object| GoogleGcLKhOms

177 Cookies

Domain/Path Name / Value
folkd.com/ Name: folkd0612_live_u2main
Value: 1700299583041x594448178381219800
folkd.com/ Name: folkd0612_live_u2main.sig
Value: qgRW66DTmuXMdzoSi4Pd3YAll2g
folkd.com/ Name: folkd0612_u1main
Value: 1700299583031x839404436071980500
www.clarity.ms/ Name: CLID
Value: 66aea6ffb4b24235b9684f263dd6663a.20231118.20241117
.folkd.com/ Name: _ga
Value: GA1.1.1211143656.1700299585
.folkd.com/ Name: _clck
Value: tu4vqi%7C2%7Cfgt%7C0%7C1417
folkd.com/ Name: session
Value: e634ceb0-a884-47c5-9981-592178c50d0d
.folkd.com/ Name: _clsk
Value: 9k3cjx%7C1700299586060%7C1%7C1%7Cu.clarity.ms%2Fcollect
m.stripe.com/ Name: m
Value: 7dc0ebf0-52dc-47df-aa14-7df21db9fe25fb2557
.folkd.com/ Name: __gads
Value: ID=f6676ae0cc69b546:T=1700299586:RT=1700299586:S=ALNI_Mb_8Yh8MnZHce-l5TVMb7fI6XRqOQ
.folkd.com/ Name: __gpi
Value: UID=00000ccb8be8a1b0:T=1700299586:RT=1700299586:S=ALNI_Mb_FBPpqCanBhi_O_G1TpevmZthKQ
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 8da69046482e342407c32ced6593d15e
.doubleclick.net/ Name: IDE
Value: AHWqTUntWo4pu2mhE02qtczP3_tj-HqTq0mTVeiPjacQiNIXz0tY4DmDKMidAd70OuM
.folkd.com/ Name: __stripe_mid
Value: 1d39c257-2ad7-4c38-877f-c585cfc4f22d0c9aa6
.folkd.com/ Name: __stripe_sid
Value: f6c56f07-fefc-44a9-b9d2-078751563470e8bbfd
.folkd.com/ Name: _cc_id
Value: 8da69046482e342407c32ced6593d15e
.folkd.com/ Name: panoramaId_expiry
Value: 1700385987011
.openx.net/ Name: i
Value: 9800fdff-58db-086c-157c-8f4015c1ad95|1700299588
.openx.net/ Name: pd
Value: v2|1700299588|n0vNvQiygu
.adform.net/ Name: C
Value: 1
.criteo.com/ Name: uid
Value: 3f3b5356-533f-4497-a176-93f407a9c77d
.adform.net/ Name: uid
Value: 3216836833839915637
.amazon-adsystem.com/ Name: ad-id
Value: A3uoIgrTskJ3kV8LS6wRmpE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rubiconproject.com/ Name: khaos
Value: LP3UH1V1-21-638U
.yieldmo.com/ Name: yieldmo_id
Value: 3F7MnYYKKoY4yLG5eaIH%7C1700265600000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1181603%7Cbsw%3D1181603%7Cadfm%3D1181603%7Cgoogle_supply%3D1181603%7Ciqzone%3D1181603%7Ctapad%3D1181603%7Cyahoo_supply%3D1181603%7Cmf%3D1181603%7Cbeeswax%3D1181603%7Cneustar%3D1181603%7Caa%3D1181603%7Cb%3D1181603%7Cc%3D1181603%7Ccriteo%3D1181603%7Cloopme%3D1181603%7Ceps%3D1181603%7Cstk%3D1181603%7Cdv360%3D1181603%7Ceq%3D1181603%7Can%3D1181603%7Crc%3D1181603%7Cunl%3D1181603%7Cmnt%3D1181603%7Cliveramp%3D1181603%7Ct%3D1181603%7Cadtrt%3D1181603%7Cbluekai%3D1181603%7Camazon_supply%3D1181603%7Cz%3D1181603%7Cpub%3D1181603%7Copenx%3D1181603
ads.smartstream.tv/ Name: DID
Value: 70c99497079bc5780b34933ab779e2bb
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.sxp.smartclip.net/ Name: uuid
Value: d91a9eec-4783-5865-503b-31686693dcc2
.sxp.smartclip.net/ Name: dspuuid
Value: 10.CAESEEo6ERVL2ClrvEeYd1EMHV4
.sxp.smartclip.net/ Name: psyn
Value: 19679.10
cm.adsafety.net/ Name: UID
Value: CM1202311180971ef8ea428694d7c8b3
.adsafety.net/ Name: cm_uid
Value: CM1202311180971ef8ea428694d7c8b3
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvbmo0WGkrUEF5VGxQY3d1MGhYbDhpM1N2ZG1aREZFVjlNUXhJNXc5dmxkVGFqMW1PU1MrbFJKWWIyakRubGR1K3drUEtYcytPa0wrSlZtSHBwdGN5RnZNbGl3bjE1dzdHNXE3OWJadnM3YndOOTBmUkJpVDZFdXZGV0tscHB0RXQ1UVFwbnk0NmROb2ZETmJqMTZjbTlMRWJQTS80eHZQVk4rQUJjT2I1a1BneXhSdFZBQmkveUpkaS9BTFdSekxmeW43anlRbERpdjRCcUlUZThXWjY3OU92SEppa3pFK3FzSHFLTUpaa2MwTDVZTkY2YWpsM2VHQjAzMENPQW1vM0NJYWUxU0xIMjdNV0VkbUlUS3pwTXZtYVMzNWJudzM2bVJQUzVVVTNvVlRjMkVSU2dyYjZwOVFIOUtXZjlLb3B3PT0%3D
.adnxs.com/ Name: uuid2
Value: 7815611394653132251
.bidswitch.net/ Name: tuuid
Value: c6bdb680-a140-4ff6-91da-0f9909356df6
.bidswitch.net/ Name: c
Value: 1700299592
.bidswitch.net/ Name: tuuid_lu
Value: 1700299592
.contextweb.com/ Name: V
Value: FJM5RlkxxPgD
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o24|7TZ.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 26f68e80abb1b490
.ads.yieldmo.com/ Name: ptrpp
Value: FJM5RlkxxPgD
.ads.yieldmo.com/ Name: ptran
Value: 7815611394653132251
.casalemedia.com/ Name: CMID
Value: ZViDSBAZuaAbVWgtJXAc-QAA
.casalemedia.com/ Name: CMPS
Value: 3260
.casalemedia.com/ Name: CMPRO
Value: 3260
.adform.net/ Name: TPC
Value: 1700299592709
.teads.tv/ Name: tt_viewer
Value: c40bbf0e-625b-43c1-aff2-952608cd164d
.folkd.com/ Name: _ga_7BR5TDFFPC
Value: GS1.1.1700299585.1.0.1700299592.0.0.0
.lkqd.net/ Name: lkqdidts
Value: 1700299592
.lkqd.net/ Name: sr59
Value: 1||1700299592
.lkqd.net/ Name: lkqdid
Value: o_cmc-MsANw
.tapad.com/ Name: TapAd_TS
Value: 1700299592882
.tapad.com/ Name: TapAd_DID
Value: ac66829b-7555-42b0-acf4-a6f8633d8b74
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1701475200%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 37931690-AFED-4972-8E95-0357432DF403
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.ads.yieldmo.com/ Name: ptrc
Value: CAESEFCO-CToApRkAG5HCqeWnZo
.ads.yieldmo.com/ Name: ptrcriteo
Value: 3f3b5356-533f-4497-a176-93f407a9c77d
.ads.yieldmo.com/ Name: ptrrc
Value: LP3UH1V1-21-638U
.ads.yieldmo.com/ Name: ptradfm
Value: 3216836833839915637
.ads.yieldmo.com/ Name: ptropenx
Value: 2fa751bb-6358-0dba-12cf-5bc68d0d8bf6
.yahoo.com/ Name: A3
Value: d=AQABBEmDWGUCECSyEOJj4g4c53Db4klnWwoFEgEBAQHUWWViZQAAAAAA_eMAAA&S=AQAAAhW16230H55MR7_SX_QQUHs
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_90256bb1-85f4-11ee-81af-12fa6b58ae11
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-20253dad-069c-5c52-7f08-1e5f8b7c9037.8SGqLj2RQXc%2FALSyKKLJd9iMQWUm94ctI1vOEpZmKEE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-20253dad-069c-5c52-7f08-1e5f8b7c9037.8SGqLj2RQXc%2FALSyKKLJd9iMQWUm94ctI1vOEpZmKEE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AICU9rQacXFJ_CB5fi3yQN1LFoQQ.ooCq4MCjzmvKx78VynQ1lXxsfdALaaCL7wKr8Jt33Lk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AICU9rQacXFJ_CB5fi3yQN1LFoQQ.ooCq4MCjzmvKx78VynQ1lXxsfdALaaCL7wKr8Jt33Lk
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBvtTawBVVLr0I82ZBk9544lTOQKCLeFfvKnNU-x6VcPEHwYBCDJhuKqBjABOgTwi70wQgQ6ZLrq.Tx4sdbBfnCTlQY8%2B63bdvs%2BHnZun6Z1il9vDrm%2BbYaM
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBvtTawBVVLr0I82ZBk9544lTOQKCLeFfvKnNU-x6VcPEHwYBCDJhuKqBjABOgTwi70wQgQ6ZLrq.Tx4sdbBfnCTlQY8%2B63bdvs%2BHnZun6Z1il9vDrm%2BbYaM
.ads.yieldmo.com/ Name: ptrstk
Value: ICU9rQacXFJ_CB5fi3yQN1LFoQQ
.ads.yieldmo.com/ Name: ptrbsw
Value: c6bdb680-a140-4ff6-91da-0f9909356df6
.pubmatic.com/ Name: pi
Value: 160648:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.bidr.io/ Name: bito
Value: AABcLU7KsQcAABQNiJcdwQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.bluekai.com/ Name: bku
Value: jsA99WZeVsPOd4XO
.bluekai.com/ Name: bkpa
Value: KJy9vyeDd02pSUHknp/tmEQywthoqVk6wE9ZSVx216RlEV8jVD+nqNA6KDhcBVPCuDQe9Yw8ePX=
.ads.yieldmo.com/ Name: ptreps
Value: AAAH_a2zdIOBtgMm6UK2AAAAAAA
.folkd.com/ Name: cto_bundle
Value: Asa4I196MXBnNEQ3STI5RU5CWDVZSmpFWXg3UkJOYUlKdVR3MjVsVWtDZ2g4SFJWVmhHdzZKeVFYTmZieDc0c3ZyTlg4JTJGS2JlOFNaUkRqUHpQM3d0UzdrZzBXaXA5JTJGRnBXU3p4NFc3dkdWQjBJcHhaTFZ4ZUxHYkdJYzNIMHMza2dRSU9FNmhiVXNNZ1lya0JrRkMxNkVKaTJnJTNEJTNE
.turn.com/ Name: uid
Value: 7427790401613152250
.mfadsrvr.com/ Name: tuuid
Value: f8528bcd-c48c-4b08-b45f-da71def8b187
.mfadsrvr.com/ Name: c
Value: 1700299593
.mfadsrvr.com/ Name: tuuid_lu
Value: 1700299593
.mfadsrvr.com/ Name: ssh
Value: !yieldmo,1700299593
.csync.loopme.me/ Name: viewer_token
Value: 8da16270-01e1-4ae9-a9ef-e6d3929feadd
.ads.yieldmo.com/ Name: ptrbeeswax
Value: AABcLU7KsQcAABQNiJcdwQ
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPQI7RhhaJHuf_tinkwX-uw&KRTB&23025-CAESEPQI7RhhaJHuf_tinkwX-uw&KRTB&23386-CAESEPQI7RhhaJHuf_tinkwX-uw
.pubmatic.com/ Name: PugT
Value: 1700299592
.agkn.com/ Name: ab
Value: 0001%3AQXOHitFumDF4SbJqwgIUeu0HjA1LWSkZ
.ads.yieldmo.com/ Name: ptrloopme
Value: 8da16270-01e1-4ae9-a9ef-e6d3929feadd
.ads.yieldmo.com/ Name: ptrmf
Value: f8528bcd-c48c-4b08-b45f-da71def8b187
.ads.yieldmo.com/ Name: ptrpub
Value: 37931690-AFED-4972-8E95-0357432DF403
.doubleclick.net/ Name: ar_debug
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003%22%7D
.ads.yieldmo.com/ Name: ptrunl
Value: RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003
.ads.yieldmo.com/ Name: ptrmnt
Value: 0000EEA
.smartadserver.com/ Name: pid
Value: 1294189168542668504
.ads.yieldmo.com/ Name: ptriqzone
Value: 67f036af-1246-4bd1-8134-e3f3f56ed685
.ads.yieldmo.com/ Name: ptreq
Value: 1294189168542668504
.zemanta.com/ Name: zuid
Value: 9psMZyZgWRBqhL64z9lh
.de17a.com/ Name: guid
Value: 1.3657541155867478280
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22E695C3A9-E541-461E-1619-026B2E3A9E52%22%7D
.3lift.com/ Name: tluid
Value: 1788061721650807874254
.adfarm1.adition.com/ Name: UserID1
Value: 7302731153930909840
.simpli.fi/ Name: suid
Value: 8C18D828AD01465CA9B4276E35A499E0
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 6d41539503ba9ffa
.360yield.com/ Name: tuuid_lu
Value: 1700299595
.360yield.com/ Name: tuuid
Value: 7e30ff5a-2c2c-461d-9bb4-b0f4f9c4c374
.tremorhub.com/ Name: tvid
Value: bb03f4953a9b41b6bc1f4d5ea8bc39b9
.tremorhub.com/ Name: tv_UIDF
Value: CAESEJDbE3YlkLvv7PmQpmwKBXY
.tremorhub.com/ Name: tvssa
Value: 1700299595227
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129Uny9Sz298usNDXPCivKN8oO9bKMSg7iNTQ3MDCytDS1NDUyN3rFiMoHAI9oI4o9AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MStrA0sTQ3sjQ1NzO3sLQwMjG3NBHiM9Q1qgxN9Q8oDspOCi8EAA7RGrYlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MStrA0sTQ3sjQ1NzO3sLQwMjG3NBHiM9Q1qgxN9Q8oDspOCi8EAA7RGrYlAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129Uny9Sz298usNDXPCivKN8oO9bKMSgYAaxrzaB4AAAA
.mediago.io/ Name: __mguid_
Value: f34e969978f0b1271k9hgw00lp3uh87v
.adx.opera.com/ Name: UID
Value: OPU6931a47b35cb40fdab7f3622393ec93e
.yandex.ru/ Name: yuidss
Value: 3310811711700299595
.yandex.ru/ Name: yandexuid
Value: 3310811711700299595
.w55c.net/ Name: wfivefivec
Value: U6cfIlFF1R4hB15
.quantserve.com/ Name: d
Value: EAgBCQG6KoEA
.quantserve.com/ Name: mc
Value: 6558834b-86d8a-00105-18c46
.w55c.net/ Name: matchgoogle
Value: 5
fksnk.com/ Name: AWSALBCORS
Value: G5rhcnYnvT1z11ihwW/xurYcopnvPoB81sGw4jPmlkoFxKSdq+bFQkuiIZ8Ky1SUmxEGEpM8tK+iqSSB1uiNTDRvgpQx2wH5CZzLKe/kFdqk86SQ4329eybirWyt
.fksnk.com/ Name: f_001
Value: 7BF9978BBB00509A
.fksnk.com/ Name: g_001
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: a1ntmIMwTkE6XlypqpMS03Mj2CTDbdTCqqi1tU0YOlI5OhbMjuZbqDCTciCW2H16AHYlu9VSAPZaRfGG4pfnR77uZbu
.c.appier.net/ Name: _auid
Value: VvcWVGVvBtq1tfYUTINYZQ
.c.appier.net/ Name: _gu
Value: CAESEF7-SG7CLoSet3-m9XqLLsU
.sitescout.com/ Name: ssi
Value: 649816e3-acbd-454b-bc2b-add3b219c3f3#1700299596262
.analytics.yahoo.com/ Name: IDSYNC
Value: "195t~2f49:19e0~2f49:18vk~2f49"
.sitescout.com/ Name: _ssuma
Value: eyIxNSI6MTcwMDI5OTU5NjMxMX0
.t23.intelliad.de/ Name: iact
Value: 0001D00124CBF04A22412C55BFE8DA68AE29
.t23.intelliad.de/ Name: iaimp_42842
Value: 1700299596:42842:100:137:101:248:101:202311180926364034823b32800a84
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.awin1.com/ Name: awpv11467
Value: 414915|1700299596|920ddac0-85f4-11ee-819e-22341370d01f
.awin1.com/ Name: awpv15168
Value: 414915|1700299596|921024b0-85f4-11ee-bbbe-22643cd2ee20
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2C%1u[0BY!A#Ez.TOKKnyW<U1`VROYQM-:=7[=_<VEu+Cg)q_M(QwqD@hApa$`@%`V`GR/X%W#.wLP*6:R^]a013aR)ke>d`P`M'!FlV2SF[i8m%O(@'s>TG#xf-
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQM1VIMVYxLTIxLTYzOFUiLCJleHBpcmVzIjoiMjAyNC0wMi0xNlQwOToyNjozNloifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0xOFQwOToyNjozNloifQ==
.acuityplatform.com/ Name: auid
Value: 853692979260
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRXg4DhWMmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV4OA4VjI90aGlyZFBhcnR5VXNlcklkWkNBRVNFTHlhM3dVS1JET0hwd2o1VGdhUXdyOPv7hnZlcnNpb27C+w=="
.dotomi.com/ Name: DotomiTest
Value: 79f2dbbd7f0a18d4
.connatix.com/ Name: cnx_userId
Value: db1cc10976424915a461d0cc1a69b90c
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-906d15be-1972-4e9d-bd7d-18ae1ca45bb1-003%22%2C%22nxtrdr%22%3Afalse%7D
.blismedia.com/ Name: b
Value: 6558834CC9874D3D721C3E7CBLIS
.awin1.com/ Name: AWSESS
Value: 346432:2246412
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUDNVSDFWMS0yMS02MzhVIiwiZXhwaXJlcyI6IjIwMjMtMTItMDJUMDk6MjY6MzYuNjM1OTMwMDY5WiJ9fX0=
.ipredictive.com/ Name: cu
Value: f6b8bdba-2eaf-4914-82cf-9030d4a5ff98|1700299596604
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZViDTAAAhugB2ABU
.linkedin.com/ Name: bcookie
Value: "v=2&d36b89e4-6cb1-4aca-80e6-74b9e5f22d77"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDAyOTk1OTY7MjswMjEAMPwZ6nL8joWQ7hCuzA2PNkhJjfsniKGi0ZSXZPYOlA==
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2639:u=1:x=1:i=1700299596:t=1700385996:v=2:sig=AQHBJA-xClVQ27Usyp7BZjXrFdtM9Umu"
.lijit.com/ Name: ljt_reader
Value: HrRWqQZHIY778zB1T1OVMcYz
.omnitagjs.com/ Name: ayl_visitor
Value: b3c2285665514ca3436584f72c4770f7
.lijit.com/ Name: _ljtrtb_80
Value: LP3UH1V1-21-638U
.primis.tech/ Name: csuuid
Value: 6558834cba9fe
.rubiconproject.com/ Name: audit
Value: 1|00STQQAk7N+pNwnqfBcW1X5Ln1brdXkmkOvROtab9LI9CtRIgcUWfPau3iWZfkBeIW2Wemg8UfBTPoTeSkk3C3gfueBqVrcao/tlRvXUbEGgGqWuFjEEMKQv3WQme+lo
www.conrad.ch/ Name: HTLP_timestamp
Value: 1700299596885
www.conrad.ch/ Name: CEAffHA
Value: AW
.www.conrad.ch/ Name: __cf_bm
Value: 7lGQffi9l2GPLixzsgJZbYztLwUaIFYjjqiNHUwgNz0-1700299596-0-AQ88a6NIzRVQsGdI1LSOXarG/KlKZ6YusOPoV6CxftJxLTcSl9hBYxIsTf5l6zEtB3C0XRzgGBg7kX0EBtztRRI=
.undertone.com/ Name: UID_EXT_47
Value: LP3UH1V1-21-638U
.smartadserver.com/ Name: csync
Value: 104:LP3UH1V1-21-638U
.conrad.ch/ Name: __cf_bm
Value: L4jUeQEqVIdOML5UvJdO6Dpxm4v2bMD2uZ4Q83LWUOw-1700299597-0-AQZkE3OymyOkYWNmwXmq5N3v6gMvTMeaF31NsZALDh7J4J/GbpCTLpjd7ltZdQSy3FHtwRs35sfcHCcavzamGRc=
.aniview.com/ Name: 1_C_5
Value: LP3UH1V1-21-638U
sync.aniview.com/ Name: 1_C_5
Value: LP3UH1V1-21-638U
.bing.com/ Name: MUID
Value: 36669896F0C06FFE1AB98B5BF1CB6E21
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 36669896F0C06FFE1AB98B5BF1CB6E21
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 36669896F0C06FFE1AB98B5BF1CB6E21
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

6 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript error URL: https://folkd.com/
Message:
Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp' from origin 'https://folkd.com' has been blocked by CORS policy: Request header field x-coalias-route is not allowed by Access-Control-Allow-Headers in preflight response.
network error URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://idsync.rlcdn.com/397286.gif?partner_uid=3F7MnYYKKoY4yLG5eaIH
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESENP9YORRfZNqM6YO7ywqPB0&google_cver=1&google_push=AXcoOmQ4DfZcBvJqZhnDkgq-ERO5hdQnTO8KXexYoEiOKrweqUeN9oAset9trT9BwimX8SOWe9v-ANBc-b5MQbBTvf68S3h3cM246A
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://id.rlcdn.com/709414.gif?gdpr=0
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
a.c.appier.net
a.rfihub.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.sxp.smartclip.net
ad.turn.com
ad.yieldlab.net
ade.googlesyndication.com
ads.smartstream.tv
ads.travelaudience.com
ads.yieldmo.com
alliance-11536.kxcdn.com
an.yandex.ru
analytics.pangle-ads.com
ap.lijit.com
apkainterior.s3.amazonaws.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon-fra2.rubiconproject.com
bh.contextweb.com
bttrack.com
c.bannerflow.net
c.bing.com
c.clarity.ms
c1.adform.net
capi.connatix.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.admanmedia.com
cs.lkqd.net
cs.minutemedia-prebid.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
ct.conrad.ch
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
eus.rubiconproject.com
everlighten.com
exchange.mediavine.com
fallandfallow.com
fbd94d18e111058971afd34c43aff6e0.safeframe.googlesyndication.com
fksnk.com
folkd.com
folkd0612.bubbleapps.io
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90005.redintelligence.net
hb.yahoo.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imps.monu.delivery
indotoursadventures.com
invstatic101.creativecdn.com
js.stripe.com
kinesis.us-east-1.amazonaws.com
live.primis.tech
m.stripe.com
m.stripe.network
match.360yield.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matchadsrvr.yieldmo.com
monu.delivery
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
protected-by.clarium.io
px.ads.linkedin.com
q.stripe.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rubicon-match.dotomi.com
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
s2s.t13.io
secure.adnxs.com
securepubads.g.doubleclick.net
shared.bannerflow.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.yieldmo.com
storage.googleapis.com
substackcdn.com
sync-adform.ads.yieldmo.com
sync-beeswax.ads.yieldmo.com
sync-dmp.aura-dsp.com
sync-eq.ads.yieldmo.com
sync-iqzone.ads.yieldmo.com
sync-openx.ads.yieldmo.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.inmobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t23.intelliad.de
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
track.adform.net
turkeyyachtrentals.com
u.clarity.ms
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
visitor.omnitagjs.com
www.awin1.com
www.bigacrylic.com
www.clarity.ms
www.conrad.ch
www.folkd.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.novalabcardiac.com
x.bidswitch.net
xeqe-t3lw-i7hv.n7.xano.io
xsync.iqzone.com
yieldmo-match.dotomi.com
oajs.openx.net
protected-by.clarium.io
sync-dmp.aura-dsp.com
104.16.137.79
104.16.203.66
104.16.80.126
104.16.89.20
104.17.201.110
104.17.25.14
104.18.187.224
104.18.24.173
104.18.36.155
104.19.241.24
107.180.41.157
13.107.21.200
13.107.213.44
13.107.42.14
13.32.121.122
13.49.34.168
138.201.63.150
138.201.63.165
142.234.204.77
142.250.181.227
142.250.184.226
142.250.184.251
142.250.185.138
142.250.185.162
142.250.185.164
142.250.185.226
142.250.185.230
142.250.185.98
142.250.186.104
142.250.186.162
142.250.186.35
142.250.186.66
142.250.186.97
142.250.74.193
142.251.167.120
147.75.84.158
148.72.215.239
151.101.0.176
151.101.130.49
154.59.122.79
162.19.138.82
172.105.220.23
172.217.18.6
172.64.144.166
172.64.146.152
172.67.221.51
172.67.38.106
178.250.1.11
178.250.1.3
178.250.1.9
18.245.60.65
18.66.122.80
18.66.129.71
18.66.97.81
185.172.148.132
185.3.92.76
185.64.190.81
185.86.138.153
192.132.33.68
193.0.160.131
193.108.153.6
193.135.9.130
193.135.9.133
198.47.127.18
198.47.127.19
198.47.127.205
2.22.242.10
2.23.197.190
20.127.253.7
208.78.227.195
208.93.169.131
213.155.156.184
213.19.162.67
216.239.34.36
216.52.2.6
23.227.38.65
23.32.185.192
23.35.229.251
23.35.237.56
23.56.205.163
3.122.5.52
3.122.6.226
3.124.138.165
3.124.81.102
3.221.35.16
3.73.198.115
3.75.62.37
3.91.171.235
34.102.146.192
34.107.140.113
34.111.113.62
34.120.107.143
34.149.50.64
34.250.128.111
34.252.83.133
34.255.45.246
34.91.62.186
34.96.105.8
34.96.70.87
34.98.64.218
35.186.194.101
35.186.236.140
35.186.253.211
35.190.0.66
35.190.39.111
35.193.186.65
35.208.249.213
35.214.182.220
35.244.174.68
35.71.131.137
37.157.3.20
37.157.5.73
37.157.6.243
37.252.173.215
4.227.249.197
44.195.95.27
46.228.164.11
46.228.174.117
51.38.120.206
52.10.73.64
52.213.192.203
52.219.62.108
52.29.13.21
52.30.78.43
52.46.143.56
52.49.140.195
52.70.105.17
52.87.37.157
52.94.222.140
54.171.40.33
54.186.23.98
54.194.65.19
54.228.90.72
54.229.22.54
54.82.239.169
63.215.202.169
63.251.14.3
64.202.112.223
65.9.66.122
65.9.66.123
65.9.66.30
67.202.105.23
68.219.88.97
68.66.226.83
69.173.144.138
69.173.144.139
69.173.144.152
69.20.43.192
70.42.32.191
72.251.245.179
76.223.111.18
76.76.21.21
8.18.47.7
80.77.87.163
82.145.213.8
85.114.159.118
87.250.250.90
89.149.192.74
91.228.74.168
95.101.148.20
96.46.186.182
98.98.134.242
013cca5b5676b815201b3271ab86133383cba9435c42577efbf97733673c7f14
020ac78f7f1ff25d10232c164747af7577310f15b678fa42cb72ff9a66ced18e
0227847b36c05f5f0b26af8ed48a6e114319dd955c1ef531bb1fc1a92d2ee200
02d94faca3d14702a218b665b80e959d6e1ff1855af8e19f18828b28a176572c
03d545202ded079b782dd3003825ccaade849837a71c704904e5c9535d91c7b3
0655eb765e4ca1907a3a264e8623001bac8a3bac2db2f464cac829cf82724df4
06d4ed528b2668b4a7b7cf6504168965a4865f5a1194944d1aa421a25023a771
073d91268a1870e23cbe6d36d477e5f28d291ebd4fee55837fc2d1294bc657cc
07a10e3912e7a681e810c7cc0cfb13868b18acd4feb6ba57c90598a22fdc9d11
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
096b029c8f65acc4691e0f6c4c6d1d3a049e3dab8754d2c2444a1e9612c8ff6b
09d37d5154f46e118abb3adead8557c6094198e959b823fdd29aa224aa90ab87
09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a
0d577c4e3322bde16705cadba354e3ed55b73d42522801c8f510d6a175f7c2c6
0e489f90da1ddbd3ce5990f1cf15e60bf66c903a7e7d9211420ddd1d7dea7d2a
0ee9e911116d9c87ebf25b8d22119d94618cbe958de58d405af3b58226eb3932
0f704d05dfe66a5578584fa0e057739e66bd0a9ad820f2efa7ccded63d459518
11d4664d0d48c3423c1eceb34ae5195d8edd83095ecaae3473aad0be154affac
1226b33d464b11a65c26bd6670be3cf1d1ff966b2a4df1d76a11ad5573e07038
12f803faa28a1090ee2ab1b5af6bcd94f810a929de20032ced4b2554343f2a22
13a98b9416e587b6aac281b68031fbc9fdfcc4e6870925efcf7416251f0ea912
147efdcd30700ea8ee1850b95753da19994ed750cf14bfc5ce2e6d9ad8510b30
148786284342af63df57c33534fa5940616d81a9d181b789016dfdc2c26f1da5
14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777
151404956e95c45f664fa64aed55fecf36bd2ec62d827e88a9041c982fa4978a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17a676d0e8889ed344c64917a3a57efe9e39250df9742350d989a9844212a84c
18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430
18ae936e604734bfd85ff6326793899e161dcbcc0d77a2965f8c0987d3a92276
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
19cbeb05baac849fb316f19a755fc1da294c6a4f0b37f409c11e4679508425b2
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb97dd60016de95a8169a1c84586724bebe58a03649b506aba1987a932a4466
1d327636ad299ffae068059342ba5cb440f7771592249a62d02f03920fdd981b
1d866e48ac9d2656bddf3141b162149b3189273e25966d8faf6acbb39a6b84d2
1dd86cb37e04b9e124ad93294217f54f1cf35b72d2bae1ed4846d9177a05c74c
1f0921a5c3540ef04de89142791e9b85306579df18e65d2767f41b37959966ed
1f40994eab15b92af5183f9acf338e0354771054c65024e0aa679b6506f9eb87
1fc2252c5da3649f63a8e90116a19c1c634e6c2215317095d63b49b524a4d73f
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
208d9ab59856c960e751717d6bf40cd27694e5e8757564dfa3e4c6c2c0f7f2e1
20ae5dc783ffb374c29d7c2ef693b1a9c7284563c0c5ad71ad77c7c910c0ba89
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
223ec4eac02d22c26be2659a29c69fac16b134c2a66196987cff4432b247646a
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
267f1354fe7b08e720a91d3ca48cf802087db8f658d26ca558e54880ce3059fa
2ab1ded33d18a89f96ce577f9372e79ee2022f2313647a09161a8bae80dc8e42
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f927ce89e494920f20f9c0d4c8929e2ac47fdc14cc07e6a070b68ea8403fb2d
307279644d7cf64dc9ee86371da7a27bb581695aeef145df65476f1f0364b990
308dc61e01609ee9bd8cdd1c87ced1ad0c4caacb1d62c7fa4f6b5748b054c1c4
30bafe40ccf71cd8cdafc5581e7890fda5a546f99a2da47796cb0bdb5b8b7b95
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ff461e2c4e5ccfbe47646d347d16534653bf97f27d77cec25d7a01c69e03e1
3241e80b7b99491ba2cc7fa20c6e4949041dad7c3c88e17f8dffb8ae98fd4f42
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33d5b396bdd7a6afc2e6376da1b5f586e259279936eedb812544d06af90e63ad
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3633901d9d73355d7ba291d8bb97b3a246ba6401ae6f43c9eb1b00e62a690adc
363ece8c816f666dd2bf617134a1c8ef30537e73ebb32c5effd97936ef25099e
36511258467f9290c3b117b3a57a491310f6de44add47faad5f84188583e948f
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
391745d698a9b473b2246c5c425b2c0eefd8afeddb702284646be40f6f70d57c
3aba039046e512852b23c8803ecbd8a1655f73e9b59dee90cc290efe8d96db3c
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d3bbcce6345215d799c1e611f7eb94807ec546399b323776989a2757ce4f311
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1434713cc9a02f37a27819793d64f704cea094f8fd400044d75b0c2ed12094
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff82dec40aa2466d0c7a0ebf77cdc40c2d938ac6a32f36d825834513d2252fc
4118cacf914cb83c6e62f65bd76d189c4a9110f58027377465c40450d4808e89
416cc84a616af23a376fdbde89ab232ee577e14730465b2d50ccae0aa0be6499
416d585830fab35b1a584df727b30e059cf56efee8bc0d95f90e40f9859209e4
41b53deb6e49a3e64b6e150e7fc0b4be3dd5766d8ff7b25f4a25b10bd3ad7003
42f3bf00b98db3a1546c6738ebebcc11ce41bffa2e1f24c022c2f9392938d597
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43b147daf166de9a545ad7477e74776d5e51ce152dd970a7edda8d0dfa65ad4e
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44ecc66f68a78f1b410c9ea65e7fe807bce38569356a51b1557c6a274d6dc410
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
453b9181fc79425a085b4b893c52831e09deec9346bf79e92a8c2c187986a431
45e41aa5f55540e62316758edc0560f43737cc69804263b30c8a2f557cc3aaed
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48c013cc2935b340b9db558dbad7b1836e42b87d38112987d8b4a795f527a044
49fd2920b43a2de02ced9a47027f47fbfd495a129a40718a737c4179e60dd98f
4b04f31bb1731eaf9401a6633c37f2f33959383fc0e08bfbae6476a693ac82e8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cbc677a111c2e1fe5f84b45e6f8fa13eb6cf56d64e0ca23e12ef126f4f6ed1c
4dfa6580a31cb84d795125a78177f0d300e99eb3fecd99eabc47a354b651e653
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e302f8884baa257417fe26034562b90c6465e48828ec275e5271ab34b90ab19
512bd35e41436af9a61145ade5729184acda48c2be02a1365f3942720b0ab1d9
520d2e0c92f833cee907083d9adf998a97b6af5df0ee65b3ef4680896a3118d8
53997c9f85e994b7f2c9d877724d7c3146215b2a71bca991dc9c9e80617ce4ad
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549750530a92f022fa97ea084c8c567b8e64f53c4a61585e8acdf59942869b32
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cf3f05f0e211dd54b171882d3ec539b9e4ceb35757e6d24b453d34de6647d6
55ed173209f7ec86b28240d8c2ecebe894742cffefed38a4de734d35bbf8d9f2
58550bfbd57abaa8f64bf8a14889e10a3726eaea36bf0c08a9f613fc29916c17
58691537f5b8ea9dbac282289e57581dc2593cb5a21d551f1d67bf0be6fd995b
59f08142a11e8c95a3410d3e2eb278ccfbb96522658fd1e51b6e5109f1adf536
5c2e3d2e8d09e0ba77d54f73668be73765b97df06209c0fd0bdd92cf1811ac87
5ccbc19aee4d008d9c3c70a74c2f51937bd927db8e572db4a406b4368180a7d2
5dd2933630b679eccd953acfabd5bf163c48bcf173680c3962315af19a3802f1
5dd6869cd5c5617dd2d16d966a95ab76178ab37e129250dab0d9ce9dbb30f98a
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5fa8401ed118fbb119282f02964c88b75f94376250abab0e186dc8ce97693bc0
602755e28bc168e7f5a6929830e2520444884bd89b45876954e6cd1168608e5d
60e18ffe8d8758ff4e0e66d907766c3b02a4ace528ef09abec8b4cc6d5b8bca7
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d2c60a6a7a8e49cd24b5dd5d1bf0af369dea6e2056f3a9957ee604982b46df
63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db
65fa365e0f8b9839c5933a2cd3552a00769d83f00ea7f78de4bc95c6a14056c7
671420dc598786680012065f82e83d76374f22ae2dda80a2747726a4d623db81
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad
686e328bb99a6f1cb897023e1cf2bb20907efc895069fe086005a84fb80fe1c9
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e90ce9f36bdb6893c0adf22eb844062cf9966f1c9d1bc2a209fa1a193548972
6f5f67c7b2bc45acd339ab8a39009ee0e49f7914b90177b6561fb491277ac11e
6fcb443cc472a6b6913f37de8b9c8698249114cc46f2130f23531f360666d1f8
6fcbee980e745d60a339bae632746b8c28da2eccb95afb4e4ce2b98ed1015a2a
6ff4dc588a37d8b57ff1ca89386d5c0f43a55661555ac14e8251682928f593a8
7005ea1af5dc9e891dbefa07e9f26a2f4ea1eafc2f7bf5e18808abbba73a681f
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
741ccca2299b5025bd8aa5e0d79e267ec8b543b23a294f2ee2d054e67bf1ed33
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3
76621d3b2561de39d3266e42c194d7e0265989a375a2e234be586fa227573e8c
77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79279097afd1b8895450cdd6b54654852622d309ece138d4fed87f0fe5ab9f92
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7bdcaf0ea3548e1276a0f200bada6b8f08cfa8a6f7580a609204216e9eeb1085
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
7fe686d98f9082ebd917492c9b1faf52494e8a56c575dcc402430155e63508b5
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45
81e4ef1f48ace427c6c0c1d2163dc5199e0c6e61fabafc20290daca301bbb24d
81f4fc44df20e94813212c50d444db1a0cd067f080dd6f5da9b3076d03664328
8201b5c040cc1a6478e5738920ca0b8458705c85e7a8adfc149f225aae121f0e
8232c972bc1862b2d36987930a1a882a2150cedae28cb920c943834b2b6edeb2
82cdf6256a99f6ad20720f85809e640d20fd45dcb474d1e6a230b90961121f80
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83468c563af63d83ee93ca292a1b82870c18e21b4a4b9d8e35bc966a983c21b9
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
84880c4ea9a3a1bba298d8ffeb4f8475ec6d06b934786e1125fc943ba71865d0
84d20d6d9646eac4d68b2ef87e2ba5ef7131c4f7831be173c4fc2819074da6e0
84d5a19c33c97c3c9f15c06922e09fc158b5888195afafd4d7461ec6edead15b
87fd954d30a35512f1f8a39e7dd1217259283769d03253d48205017cf9322102
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
891662eefdc7e00791f5c3ea2ffd20f8ff597d6cd4ccfa5c3e539219560f1dcb
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa32b246bf265aa153692960b6f7825275d97c8bc33df4957c1020166c7582d
8b6e88cad582b90c8a2b96b27bfd31501118856fe08346ec86ec4f9e24033018
8bdb773cc106f613774d2d67d669a1328d3a2eccee2ebae9d548b9dbe2b925ff
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d78cd221109dc7d9d47e6da003ae19ddbe16eec1b920aa89d14315ffce597da
8d7b040cf2fefc51059b1ab5ae11b5a4c405b3ccd7f4b4e8c9d6d4a862b5cfb8
8e6e6907d263851c3ac40a80f9f764e325ad44ffc17ca3f9b3839777cba161fa
8f1412b596f1427cda3da117b1e97398b69f0ca969a9e953c9b174b4e76132b8
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
908ee4e8be9d2335eeccd1de048cc36aa6ef2a7998e06618f8c68c4759626a60
90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
929a8778efb23891b66c2d9c86b2ee1c65b3352b3fa115f7123e0b35f6bca7e0
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905
96cfca84d103bace221aa5de8286adf52d69cb0a81e61efde4e6322bc4e860e6
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813
97d540b74750a8d5afe4ad131efa7bf7fbbce86f8bc8fc02a169c540732763da
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8e43e8a8b2029c0398f8d807eb7f41a8a0130e801ab47ab44247d828f795e1
9c7446a8d736c678fbe101311e91becfd7087ee25c7ff33137cddbf625e4d93d
9ebdca8d12ecd966a87e3ea10f97022f0fdb6d6301343bd966cad1800f9d8d3f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ad94df9c55774d3d2096266cf11876aebb5df34852bc36f08ef5e59cb40da8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a12214c7152fa53989558a11655c0baa1d8e9661a7212f496cd69d634cc99384
a137f2dfc6b798320f0ad590149faa424ef840f2559cbc5117ebdf6d4452a1c3
a147a96bdbacfb14e6f26165ecac2bb4ab9931ebbe1f7bb9d0dee972f3d70faa
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1aca13a5b24687b2213a2a9d87cbd7f140a6eb4d4db480d4867a81a433813b2
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2d0f6ddb61cf9ca595257ef522206f6a7d882396576373f1e222f5391fef812
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5abe8089bdb91d82085c366c3de689cfc28c55926c0e87890bf631dd91d42af
a95fbcb656330c53db4bd4098df6d59904e80c7dd4e6764c262cd16b4a3f7ca0
aab233cc3772e54f5dfc66356403103a47d84d9f0f7034e7fbb2c9ceed6e5e75
af1616f03e1a76410339d17afa4d0089529489a909ceddd37f4731ef5347d7ba
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14aaa0cc98596c6b62f6e1be95c8b41f722d66a9a8eb4e2e10cf0eecb862766
b19b4686e33b355a3ae3b97fff7d7f349e922ee1f28816899f69b9d55578ba89
b1f161759ee7e4cbf96a778543d7dd0bbfff7714f6ce413e60b18d16bc407181
b20bc5329149e6637212eaf6266a9c94caf7656ba8cb4c95578fa6b11b43f9ad
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b428e9530ad078976c75304caeb75aeadadb4e21a0dddfca40689fd5e2e38382
b5f40e82dfbc8bfe6af96a333e046cfb5f8ba76d2b063710b53a1d091efe1c30
b6487030482a22af463d7ead397df639e9a4adee52a8671a6b2ca9416398875a
b665e5be543fddecc7656aa3ad9d413555226c9bb83756abbc4f73d2569eb956
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6
b74c866527da6378db65dcb32dd57c5c5cf9fbf8e9875de8a258aa84c218a2f9
b76e63b9195ee247c97ed104aa7dd4e83a8afafc2dddf252e8bc91b5cbaa5f21
b789af77407dfb04fde7284c83ec497e103143c17e861ff09d810463d30d7dda
b89cb45bf7db7e853ada26a94b1d10bacf0db8d4fbaaf2ad1e6c5f10ee225466
b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663
b9b14e67d6abdf2b3978726bbced8dc6504afff35bc37a9c1f4663e717097403
b9c77b52464985c96557e8d7c3030b01e75ca95174764105a9251401f74e08d6
ba649491cb85513b1174a8900ea9b065eff06af7ccfa6ea0aca182ced503ad7d
bb10b5a2cb6055872cb8130282367a591dd1dc5ed296d69398582d6034870a95
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bc187ff58c2db6d1da1c1d9f539a9e83500aba09af5b784ce33d08a43fc52147
be0c4f4a45da32a72b5a1497fdd99289390c11ae901d825768544a575bcc3b81
be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142
be31990c11dfd4ab4f14544d71ba2443bf2ee0149f3493c995261dcfd6802d35
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf425165b6951afcf5f4b417135f6ec8bc2f19b4a615523f556c07810d7da77b
bf5987ccde0ba234cfbce4da9283d2b94372a2e1cc2d8dbb72405da644298680
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c257238860257a413e21387c206c3f9875c8d5cb02323cc076d57825a5a1aeed
c277fc413821b7ad289719a7b94ad1c7b3026c95f3a24b2a805cf759c69fe6ec
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
c5358760da2cf42ae62c22a703d2f7d019a5ec91b95942aa75a960dabee6d9d1
c7df1c0cea976db6673466cea716d877c872a26baa32b9d3803f2368ab4d40d5
c8e197368871cd4061fa33bf5b1aef8a02b73575144963e6e930d35b7186190d
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5
c9eb978002bae2394b1dc55bd5d7c008fe063b54a2fef9d464fc2ab09c87c02c
caf76903fe30709f8e4c8f5946ab96c863bcefc4da8ab64dea54c883ea1d3e84
cc47a405898fe824aca19264cd21ffffd9238bf9b9c1de712f35758025c826f0
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8
cfe833003517ee3a70850150b7b3f9d7d21c4b5720c1f5e646690a7c964da4b9
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
d0d5fdba2d7a0ee4d7830489b4aa75ef643de12761a646b048f7cb1fb358db69
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d124bd043766509cef9f2a01ea70c2aba566ff4774dc18ef519ce4223e705ee3
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d31f6098b638965bc04f8c34cebfb88d8accd958e74ced030a3ecb68e0c5b82b
d35be51918e9d559881a704e6bcf60f95f14f5fbfb826b2be9216e754d23b832
d4172543fee747f16fc31ca9f7e2506a4e561fc2d6a0260e1564da4245207759
dbcc509a0c32d41e1827b8accd1ea8df3e53f7a3068ae8900271769805c6c688
dbcf47c2d346359a718d2cf488a4dca30c53ec9f96002e6e1ecd734e0d3d4cfc
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e1f78818020ea1a0cb385514ae409a5b0ede82f9881c2354e651889693e40a3c
e2b8ac88e9e144030a94b93e3e215ad4fd6031efa6ac8504375f3021b3ba3b90
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3a3b86a5fe0df11085b00384737b64ed640b762adaeebcf55bb79bf3d0be2b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e425bf4d1c295fd075a6ebf444bfaeab7080a8339e4a7e47e62aee628b804481
e48a63110f0df8c1b2cf588844afa848d8ea61738fccd2e2925dc32dfc3f896b
e4bea54ec45f1938d4686e74e804a2b19adc7b220d4712331d01dc7ba5c27350
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
e576a60d6fd181f2b0ab7a07c0fc8d2f31ee43fad9cc4678ee3ea5117e719bb6
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e626286c5e914523ae2f9ca2d5a015f33783fd2a9243cc94feaef6a6d30d1fcd
e734e7fa48fa0f104d9af196b4fcbf0ae9c2c9bc3d22b9be5093e0a0e31d434e
e764af89635e0f26e1f0c02115a879bac9a0cbdc83dad944b84b34ce4e842842
e7a84782fd15bc793210b48cdc7a4b44c79dee0332d237b711c4850e7025b5a5
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e93769d2227f72b6ff0536b3f5ecfe10874f386201eade7c6753fb2ad5cd1041
eac1c452640075d4117728d46684df2cf9e92d0558be5d81bc5b3edb014cf7df
eb5a0c3f279524a8dd12e8abf5c95be423b17940fd33698aebbc5d3f7ac2e8e5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edfba6505429028d5a2cfba8da6c7173996f0e0debdd996b02bcbf23016ffa12
ee89a1ed030ed2aba51498702726f0a7251da11229681c4eb6dc84558c39751b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7b7161ce4bc7a075f56c2508f955ab0f5a8d3df483c4adede3465b74f4d8e7
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f061abc2ca47a134567ebd668f9560a40f652168d55db488c28e3109ee2f4ca1
f1c7785fdc4ab8fa954fd4a715d66b9dd51874f282077751a224ce75573db8a8
f2556e71b6d8647337da7d3841b8b6a137eda68e509e8e41c8761474c167404e
f2fdf05f4f671380c5d15f7e093d3695e10a0b4a668a640cecc8174ef3966548
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f4e321b188b9070939392700406a44cea39450b56a921c408fc71010652899af
f6b9d81e54a20796a7441b1eed0741d5f9c4c338761556981da51f5c02a4f191
f7968fcb271b6ab80dcbd0ab70188c3bd5940168a622da5fa9cb8a9464d1c87c
f8c9d6fad56b5dd992e450f958e6466d452bde7b6fe58cd21aa83c65c49e52ee
fa27c226f5eceab25cfffdf9a508044be7c9cbc7df91a3beea7d2dd9bb53140a
fb6cef3eb76ec26c8bb8cb59e1ccf16d2facd9a1c387978948ce98664d2ca71f
fc64ed146d4fd9d6acb7632e950a7cf296a9d108e601c4a5418dc60e1e6e18f1
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
ffe4a5420562d83b96d0098fdfc95c5e4d31f9bd74cbd3415a39bf78da65d3d3